django_markdown

Fix XSS in the preview functionality

Open j-mie opened this issue 9 years ago • 1 comments

By default this library uses the included preview page, which doesn't make use of the markdown_safe function. I changed the page to use markdown_safe so that this page wouldn't allow XSS by default.

j-mie Sep 13 '16 14:09

Is this the thread I need to subscribe to to be notified of the preview button ever working again? For me it just created a blank textarea form.

invious Sep 16 '16 23:09