]> git.immae.eu Git - github/shaarli/Shaarli.git/commitdiff
projects / github / shaarli / Shaarli.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: 9ff17ae)
Add markdown_escape setting
authorArthurHoaro <arthur@hoa.ro>
Mon, 27 Feb 2017 18:45:55 +0000 (19:45 +0100)
committerVirtualTam <virtualtam@flibidi.net>
Sat, 4 Mar 2017 08:38:12 +0000 (09:38 +0100)
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README


No differences found
The personal, minimalist, super-fast, database free, bookmarking service - community repo