Rephrase section on unsafe HTML in manual.

John MacFarlane 2021-06-14 12:35:44 -07:00
parent 62533053da
commit 961268446c

@ -6504,9 +6504,9 @@ application, here are some things to keep in mind:
4. The HTML generated by pandoc is not guaranteed to be safe. 4. The HTML generated by pandoc is not guaranteed to be safe.
If `raw_html` is enabled for the Markdown input, users can If `raw_html` is enabled for the Markdown input, users can
inject arbitrary HTML. Even if `raw_html` is disabled, inject arbitrary HTML. Even if `raw_html` is disabled,
users can include dangerous content in attributes for users can include dangerous content in URLs and attributes.
headings, spans, and code blocks. To be safe, you should To be safe, you should run all the generated HTML through
run all the generated HTML through an HTML sanitizer. an HTML sanitizer.
# Authors # Authors
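Review bot: The rewritten sentence "users can include dangerous content in URLs and attributes" drops the old list of affected elements (headings, spans, and code blocks) and gives no example of what a dangerous URL looks like, so the reader has nothing concrete to check for. Consider one short parenthetical, for instance a link whose target uses a `javascript:` scheme. The closing advice would also be clearer if it said explicitly that the sanitizer has to run on pandoc's output, since the paragraph already states that disabling `raw_html` on the input is not sufficient.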