Skip to content

[question] How to pass options to Parsedown using the new markdown filters? #3211

Description

@o-alquimista

For example, to prevent XSS, I would use this:

$Parsedown->setSafeMode(true);

Source: https://github.com/erusev/parsedown#security

But using the markdown_to_html filter, I don't see how would I use it.

Yes, I can produce a XSS by inserting a script into the markdown code being converted to html, and I'm not using the raw filter

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions