aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2017-02-27 19:45:55 +0100
committerVirtualTam <virtualtam@flibidi.net>2017-03-04 09:38:12 +0100
commit9ff17ae20effa5d54fd8481c19518123590e3bd0 (patch)
tree5950eea367714b54cb24cdfb57963adf85a907e4 /index.php
parent63bddaad4b6578d5d9a5728cba9f2f0d552805e5 (diff)
downloadShaarli-9ff17ae20effa5d54fd8481c19518123590e3bd0.tar.gz
Shaarli-9ff17ae20effa5d54fd8481c19518123590e3bd0.tar.zst
Shaarli-9ff17ae20effa5d54fd8481c19518123590e3bd0.zip
Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not. The goal behind it is to avoid XSS issue in shared instances. More info: * the setting is set to true by default * it is set to false for anyone who already have the plugin enabled (avoid breaking existing entries) * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof * mention the setting in the plugin README
Diffstat (limited to 'index.php')
0 files changed, 0 insertions, 0 deletions