Tissevert/pandoc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
pandoc/Text/Pandoc
History
fiddlosopher 8624ed9bd3 The '--sanitize-html' option now examines URIs in markdown links 
and images, and in HTML href and src attributes.  If the URI scheme
is not on a whitelist of safe schemes, it is rejected.  The main point
is to prevent cross-site scripting attacks using 'javascript:' URIs.
See http://www.mail-archive.com/markdown-discuss@six.pairlist.net/msg01186.html
and http://ha.ckers.org/xss.html.  Resolves Issue #62.


git-svn-id: https://pandoc.googlecode.com/svn/trunk@1262 788f1e2b-df1e-0410-8736-df70ead52e1b
2008-03-22 20:41:56 +00:00
..
Readers The '--sanitize-html' option now examines URIs in markdown links 2008-03-22 20:41:56 +00:00
Writers Fixed handling of Quoted inline elements to use unicode left & right quotes. 2008-03-21 15:45:54 +00:00
Blocks.hs Moved everything from src into the top-level directory. 2007-11-29 02:02:34 +00:00
CharacterReferences.hs Moved everything from src into the top-level directory. 2007-11-29 02:02:34 +00:00
Definition.hs Use generic attributes type, not a string, for CodeBlocks. 2008-02-09 03:19:43 +00:00
Shared.hs Moved BlockWrapper and wrappedBlocksToDoc from ConTeXt writer to Shared. 2008-02-24 05:48:31 +00:00
UTF8.hs Moved everything from src into the top-level directory. 2007-11-29 02:02:34 +00:00
XML.hs Moved XML-formatting functions to new unexported module Text.Pandoc.XML. 2008-03-19 18:46:01 +00:00