Marek Dědič
Hi, thanks, that worked! I am wondering - I am probably not the last person to not know how to do this - maybe add docs for this? Thanks
I am not the author, but found this very helpful: https://github.com/showdownjs/showdown/wiki/Markdown's-XSS-Vulnerability-(and-how-to-mitigate-it)
Hi, for the same reason you'd make anything read-only I think 😀 To have stricter control over what gets modified... I agree that the jQuery object is huge, that's why...
Hi, this is because the string is actually converted to a regex, so you need to escape it like
```js
\\/\\*Comment\\*\\/
```
I was dumbfounded by this exact thing today, so yes... My uninformed opinion: If you pass a simple string to the function, it should take it as a verbatim string. But...
I just tried removing it from my app and everything still works fine (I'm on v5) - @hperrin I could submit a PR, but honestly, I'm not sure what the...
Yeah, I thought about that (see the mention of `@html` in the original comment), but that removes all the XSS protections - which is not necessary.
Hi, I'm coming over from the perspective of #4436 and maybe don't have the full context, so sorry if I miss anything important. Just for posterity, in #4436 we arrived...
Hi, I think you got the general idea right and I am glad you liked it :) Some comments on the details: I see that you added filename even to...
As for the usefulness of `LocalSpecifier`, I probably don't have enough context, so :shrug:
> Agreed smile. I can't think of any _modern_ codebase reason to want this. The closest...