diff options
| author | Cheng-Han, Wu | 2016-02-11 03:45:13 -0600 |
|---|---|---|
| committer | Cheng-Han, Wu | 2016-02-11 03:45:13 -0600 |
| commit | 4c4a0e0f3fe9b4e33f2182f3f8e20d87736b371d (patch) | |
| tree | d3e79f4a2481ad55eac4e56a56bb541fbb214783 /public/js/pretty.js | |
| parent | 176021ccd85630abbc3af4001f9a590d4277e584 (diff) | |
Fixed prevent XSS might break lots of tags and only need after rendered
Diffstat (limited to 'public/js/pretty.js')
| -rw-r--r-- | public/js/pretty.js | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/public/js/pretty.js b/public/js/pretty.js index 43e833c2..a38dc244 100644 --- a/public/js/pretty.js +++ b/public/js/pretty.js @@ -3,7 +3,9 @@ var text = $('<textarea/>').html(markdown.html()).text(); md.meta = {}; md.render(text); //only for get meta parseMeta(md, markdown, $('#toc'), $('#toc-affix')); -var result = postProcess(md.render(text)); +var rendered = md.render(text); +rendered = preventXSS(rendered); +var result = postProcess(rendered); markdown.html(result.html()); $(document.body).show(); finishView(markdown); |