diff options
| author | Cheng-Han, Wu | 2016-02-11 02:36:52 -0600 |
|---|---|---|
| committer | Cheng-Han, Wu | 2016-02-11 02:36:52 -0600 |
| commit | 6700f033ab2c2e6f5ab1293025d3485ecc37c321 (patch) | |
| tree | 102e3028a49d938e5c5d782568d9fbbf1937a782 /public/js/index.js | |
| parent | fdb9c47354fd370f6e69c61f2fec4a552450a62a (diff) | |
Prevent XSS in markdown rendering
Diffstat (limited to 'public/js/index.js')
| -rw-r--r-- | public/js/index.js | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/public/js/index.js b/public/js/index.js index b4e33ae3..ad77e0d3 100644 --- a/public/js/index.js +++ b/public/js/index.js @@ -2131,6 +2131,7 @@ var lastResult = null; function updateViewInner() { if (currentMode == modeType.edit || !isDirty) return; var value = editor.getValue(); + value = filterXSS(value); // prevent xss md.meta = {}; md.render(value); //only for get meta parseMeta(md, ui.area.markdown, $('#toc'), $('#toc-affix')); |