]> git.immae.eu Git - github/shaarli/Shaarli.git/blobdiff - plugins/markdown/markdown.php
projects / github / shaarli / Shaarli.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
security: escape HTML entities when using Markdown
[github/shaarli/Shaarli.git] / plugins / markdown / markdown.php
diff --git a/plugins/markdown/markdown.php b/plugins/markdown/markdown.php
index 57fcce3268a6aa5c0454e97cab9a395959635e46..9d073fbdb32750ec6ca29020b7717663ca0c5e38 100644 (file)
--- a/plugins/markdown/markdown.php
+++ b/plugins/markdown/markdown.php
@@ -218,7 +218,7 @@ function process_markdown($description)
     $processedDescription = reverse_space2nbsp($processedDescription);
     $processedDescription = unescape($processedDescription);
     $processedDescription = $parsedown
-        ->setMarkupEscaped(false)
+        ->setMarkupEscaped(true)
         ->setBreaksEnabled(true)
         ->text($processedDescription);
     $processedDescription = sanitize_html($processedDescription);
The personal, minimalist, super-fast, database free, bookmarking service - community repo