Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

php代码在历史记录中显示可以生效 #868

Open
fghwett opened this Issue Mar 24, 2019 · 5 comments

Comments

Projects
None yet
3 participants
@fghwett
Copy link

fghwett commented Mar 24, 2019

我用的markdown写的,其中包含php代码,在历史记录中查看时,php代码可以实现出来。我不知道是什么问题,希望官方能早日解决。我用的开源版,自建服务器。

@lealife

This comment has been minimized.

Copy link
Member

lealife commented Mar 24, 2019

"php代码可以实现出来" 不太理解您的需求

@fghwett

This comment has been minimized.

Copy link
Author

fghwett commented Mar 24, 2019

http://lea.zqcnc.cn:9000/blog/post/fghwett/%E7%AE%80%E5%8D%95%E4%BB%A3%E7%A0%81%E4%B8%BAphp%E9%A1%B5%E9%9D%A2%E5%8A%A0%E5%AF%86
上面的链接是原文链接

下面的链接图片是在历史记录中现实的效果,而且也能实现部分功能。
https://ws3.sinaimg.cn/large/005BYqpggy1g1e7djeqv7j31gp0qa3z3.jpg

如上图所示,在历史记录中,js、html、php代码均能实现。

@hyfree

This comment has been minimized.

Copy link

hyfree commented Mar 25, 2019

"php代码可以实现出来" 不太理解您的需求
@lealife
因为历史记录是html运行渲染来的,当笔记插入包含html笔记文本时,软件会将笔记内容当做html代码渲染。
实际上,桌面版和网页版和博客均无法正确的处理javascript和html
当笔记是HTML、javascript或者包含html的php,jsp代码时,笔记内容会注入到当前页面作为html运行起来。

@lealife

This comment has been minimized.

Copy link
Member

lealife commented Mar 26, 2019

理解了

@hyfree

This comment has been minimized.

Copy link

hyfree commented Mar 26, 2019

清单如下
1、桌面端:markdown类型笔记,历史记录无法正确处理,软件会将笔记内容当做html代码渲染。
2、网页端:markdown类型笔记,历史记录无法正确处理,网页会将笔记内容当做html代码渲染。
3、博客端:无法正确处理,软件会将笔记内容当做html代码渲染和把含javascript的笔记运行。
3、博客端:无法正确处理代码块,为了防止XSS攻击,笔记代码块会被服务器错误注释掉,导致博客内容无法正常显示。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.