MyShaarli/application
ArthurHoaro e037610115 Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-02-28 19:16:54 +01:00
..
api REST API: implements getLink by ID service 2017-02-19 16:45:59 +01:00
config Merge pull request #732 from ArthurHoaro/feature/theme-manager 2017-01-06 11:40:54 +01:00
.htaccess .htaccess files: support Apache 2.4+ syntax 2016-11-08 11:38:14 +01:00
ApplicationUtils.php Updater: keep custom theme preference with the new theme setting 2017-01-05 16:16:27 +01:00
Base64Url.php API: fix JWT signature verification 2017-01-04 16:59:47 +01:00
Cache.php Cache: simplify cached content cleanup, improve tests 2015-08-13 23:51:31 +02:00
CachedPage.php Cleanup: remove unused variables 2017-01-05 19:51:50 +01:00
FeedBuilder.php Move PubSubHubbub code as a default plugin 2016-12-20 11:41:24 +01:00
FileUtils.php Replace $GLOBALS configuration with the configuration manager in the whole code base 2016-06-11 09:30:56 +02:00
HttpUtils.php Cleanup: use safe boolean comparisons 2017-01-07 14:37:40 +01:00
Languages.php Initialize a translation function 2016-08-07 11:54:39 +02:00
LinkDB.php Update LinkFilter to be able to filter only public links 2017-01-16 13:57:11 +01:00
LinkFilter.php Update LinkFilter to be able to filter only public links 2017-01-16 13:57:11 +01:00
LinkUtils.php Cleanup: use safe boolean comparisons 2017-01-07 14:37:40 +01:00
NetscapeBookmarkUtils.php Add a persistent 'shorturl' key to all links 2016-12-12 03:03:12 +01:00
PageBuilder.php Cleanup: explicit method visibility 2017-01-05 19:52:04 +01:00
PluginManager.php New init function for plugins, supports errors reporting 2016-10-14 13:22:58 +02:00
Router.php Bugfixes on link deletion, and use a GET form 2016-12-16 12:42:13 +01:00
ThemeUtils.php Updater: keep custom theme preference with the new theme setting 2017-01-05 16:16:27 +01:00
TimeZone.php Minor code cleanup: PHPDoc, spelling, unused variables, etc. 2016-10-20 11:36:11 +02:00
Updater.php Add markdown_escape setting 2017-02-28 19:16:54 +01:00
Url.php URL cleanup: add 'campaign_' to the annoying parameters 2017-01-04 11:42:05 +01:00
Utils.php Minor improvements regarding #705 (coding style, unit tests, etc.) 2017-01-05 16:16:23 +01:00