You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
3 backticks "html"
some html source with script tags
3 backticks
Instead of escaping the html, it puts it in the editor unescaped and gets parsed as HTML and the script loads and it just so happens that it breaks the loading sequence of dillinger, so its all saved instantly in a local cache (i presume), so upon refresh dillinger.io is irreversibly completely broken.
Escaping all HTML would solve this 😄
The text was updated successfully, but these errors were encountered:
Interesting bug in showdown.js, the client side markdown rendering library. If the library marked solves this, then let's switch. Can you verify marked and/or showdown can fix this? It is not dillinger specific.
Could you just HTML encode all text before mark downing it ? Try using:
$('
').text(value).html();
On Saturday, January 5, 2013, Joe McCann wrote:
Interesting bug in showdown.js, the client side markdown rendering
library. If the library marked solves this, then let's switch. Can you
verify marked and/or showdown can fix this? It is not dillinger specific.
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/38#issuecomment-11884357.
I paste in the snippet:
3 backticks "html"
some html source with script tags
3 backticks
Instead of escaping the html, it puts it in the editor unescaped and gets parsed as HTML and the script loads and it just so happens that it breaks the loading sequence of dillinger, so its all saved instantly in a local cache (i presume), so upon refresh dillinger.io is irreversibly completely broken.
Escaping all HTML would solve this 😄
The text was updated successfully, but these errors were encountered: