Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't disable HTML sanitization #564

Open
cfotos opened this issue Mar 26, 2024 · 2 comments · May be fixed by #579
Open

Can't disable HTML sanitization #564

cfotos opened this issue Mar 26, 2024 · 2 comments · May be fixed by #579
Assignees
@quantizor

Comments

@cfotos
Copy link

cfotos commented Mar 26, 2024

I want to be able to render an anchor tag with an onclick attribute that executes some javascript. This was possible before version 6.11.4, but was changed in this PR.

I think that users should be able to disable this sanitization. In my case, the markdown I'm rendering will always come from a trusted source, so I don't have to worry about XSS.
@quantizor
Copy link
Owner

An option to disable sanitization makes sense

@quantizor quantizor self-assigned this Mar 27, 2024
SukkaW added a commit to SukkaW/markdown-to-jsx that referenced this issue May 13, 2024
@SukkaW
feat: allow disable sanitization (quantizor#564)
b27a802
SukkaW added a commit to SukkaW/markdown-to-jsx that referenced this issue May 13, 2024
@SukkaW
test: quantizor#564
839ec66
@SukkaW SukkaW linked a pull request May 13, 2024 that will close this issue
Open
@SukkaW
Copy link

SukkaW commented May 13, 2024

I've created a PR #579 that implements this feature. @quantizor Would you like to review it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@quantizor quantizor

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: allow disable sanitization (#564) SukkaW/markdown-to-jsx
3 participants
@quantizor @SukkaW @cfotos