MyShaarli/tests/plugins/resources/markdown.html
ArthurHoaro e037610115 Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-02-28 19:16:54 +01:00

24 lines
No EOL
1 KiB
HTML

<div class="markdown"><ul>
<li>test:
<ul>
<li><a href="http://link.tld">zero</a></li>
<li><a href="http://link.tld">two</a></li>
<li><a href="http://link.tld">three</a></li>
</ul></li>
</ul>
<ol>
<li><a href="http://link.tld">zero</a>
<ol>
<li><a href="http://link.tld">two</a></li>
<li><a href="http://link.tld">three</a></li>
<li><a href="http://link.tld">four</a></li>
<li>foo &lt;a href=&quot;?addtag=foobar&quot; title=&quot;Hashtag foobar&quot;&gt;#foobar&lt;/a&gt;</li>
</ol></li>
</ol>
<p>&lt;a href=&quot;?addtag=foobar&quot; title=&quot;Hashtag foobar&quot;&gt;#foobar&lt;/a&gt; foo <code>lol #foo</code> &lt;a href=&quot;?addtag=bar&quot; title=&quot;Hashtag bar&quot;&gt;#bar&lt;/a&gt;</p>
<p>fsdfs <a href="http://link.tld">http://link.tld</a> &lt;a href=&quot;?addtag=foobar&quot; title=&quot;Hashtag foobar&quot;&gt;#foobar&lt;/a&gt; <code>http://link.tld</code></p>
<pre><code>http://link.tld #foobar
next #foo</code></pre>
<p>Block:</p>
<pre><code>lorem ipsum #foobar http://link.tld
#foobar http://link.tld</code></pre></div>