Displaying 1 result from an estimated 1 matches for "kn_htmlsafe_htmlsanitize".
2011 Jul 29
0
HTML sanitization
...arsing entirely). But I think that is better
than someone doing a `git pull` on markdown-js and getting privacy and XSS
problems added to their application. That is, **the default should be
safe**.
I'm **hoping I can use an existing pure-JS HTML parser** ? say, [jsdom][]'s, or
[kn_htmlsafe_htmlSanitize][], or [NodeHtmlParser][] ? rather than hacking one
together from scratch. (As a fallback, I could write a very simple parser for
the tags-and-attributes subset of XHTML.) I'm a little worried about the
performance implications of this; markdown-js is already a little slower than
Showdown, and...