mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-23 02:09:03 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Render markdown on the client side and use DOMPurify to prevent XSS.,

Browse source 
The parsedown parser has problems with links in <>, so we use marked.js now which is more conform with (GFM) CommonMark and offers more feautures. Also with the usage of DOMPurify you can now use every HTML tag in Markdown without need to worry about XSS.
This commit is contained in:
Jan Böhmer 2019-10-12 17:41:13 +02:00
parent 7ec406d4a1
commit be8f074ca5
9 changed files with 93 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

5
assets/js/app.js
View file

@ -52,7 +52,10 @@ require('bootstrap-fileinput');
require('./datatables.js');
window.bootbox = require('bootbox')
window.bootbox = require('bootbox');
require("marked");
window.DOMPurify = require("dompurify");
// Includes required for tag input
require('./tagsinput.js');