| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
See https://github.com/shaarli/Shaarli/issues/1307
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
|
|\
| |
| | |
Describe markdown HTML rendering and display a warning
|
| |
| |
| |
| | |
Fixes #688
|
|/
|
|
|
|
|
|
|
|
|
| |
* make sure we match exactly `nomarkdown` tag
* pass the whole link data to stripNoMarkdownTag() to:
* strip the noMD tag in taglist (array)
* strip the tag in tags (string)
Fixes #689
tmp
|
|
|
|
|
| |
* Add the `.nomarkdown` section.
* Update misleading statements.
|
|
|
|
| |
Probably related to the introduction of .gitattribute with forced line ending.
|
|
Parse link description in Markdown (HTML) before rendering.
* hard remove of Shaarli's HTML before parsing.
* Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
* Includes basic markdown CSS.
* Style: removed 400px height max limit for shaares.
* Unit tests.
|