sa6anw/hedgedoc-hedgeagent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prevent XSS in markdown rendering

Browse Source
This commit is contained in:
Cheng-Han, Wu
2016-02-11 02:36:52 -06:00
parent fdb9c47354
commit 6700f033ab
5 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
public/js/index.js
View File

@@ -2131,6 +2131,7 @@ var lastResult = null;
function updateViewInner() {
if (currentMode == modeType.edit || !isDirty) return;
var value = editor.getValue();
value = filterXSS(value); // prevent xss
md.meta = {};
md.render(value); //only for get meta
parseMeta(md, ui.area.markdown, $('#toc'), $('#toc-affix'));