Skip to content
Permalink
Browse files

Fixes #60 xss

  • Loading branch information...
volca
volca committed Mar 7, 2017
1 parent 69b877d commit 1181f044a5457d5e1ac35804ecd84e05977f1920
Showing with 1,286 additions and 2 deletions.
  1. +1 −0 js/config.js
  2. +1 −0 js/markdownify.js
  3. +1,281 −1 js/marked.js
  4. +1 −0 js/runMathJax.js
  5. +1 −1 manifest.json
  6. +1 −0 test/test_latin.markdown
@@ -10,6 +10,7 @@ window.config = (function(hljs) {
gfm: true,
tables: true,
breaks: false,
sanitize: true,
highlight: function(code) {
return hljs.highlightAuto(code).value;
}
@@ -27,6 +27,7 @@
// Convert MarkDown to HTML without MathJax typesetting.
// This is done to make page responsiveness. The HTML body
// is replaced after MathJax typesetting.
config.markedOptions.sanitize = items.mathjax ? false : true;
marked.setOptions(config.markedOptions);
var html = marked(data);
$(document.body).html(html);

0 comments on commit 1181f04

Please sign in to comment.
You can’t perform that action at this time.