9ff17ae20e
This setting allows to escape HTML in markdown rendering or not. The goal behind it is to avoid XSS issue in shared instances. More info: * the setting is set to true by default * it is set to false for anyone who already have the plugin enabled (avoid breaking existing entries) * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof * mention the setting in the plugin README |
||
---|---|---|
.. | ||
addlink_toolbar | ||
archiveorg | ||
demo_plugin | ||
isso | ||
markdown | ||
piwik | ||
playvideos | ||
qrcode | ||
readityourself | ||
wallabag | ||
TODO.md |