author | John MacFarlane <jgm@berkeley.edu> | 2019-03-17 22:43:38 -0700 |
---|---|---|
committer | John MacFarlane <jgm@berkeley.edu> | 2019-03-17 22:43:38 -0700 |
commit | 325a1471d2a32bcc1e2d2580b973ff4ba1df85e8 (patch) | |
tree | 94c5f59aee2756009cbc87f8c65c73bca41a3b67 /src/cmark.h | |
parent | ca8ef74a8d50fbd76fb0d22fb110e660ef9944a4 (diff) |
Make rendering safe by default.
Removes CMARK_OPT_SAFE from options.
Adds CMARK_OPT_UNSAFE, with the opposite meaning.
The new default behavior is to suppress raw HTML and
potentially dangerous links. The CMARK_OPT_UNSAFE
option has to be set explicitly to prevent this.
--------------------------------------------------------
NOTE: This change will require modifications in
bindings for cmark and in most libraries and programs
that use cmark.
--------------------------------------------------------
Closes #239, #273.
Borrows heavily from @kivikakk's patch in github/cmark-gfm#123.
Diffstat (limited to 'src/cmark.h')
-rw-r--r-- | src/cmark.h | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/cmark.h b/src/cmark.h index d1a65aa..ad9d4c4 100644 --- a/src/cmark.h +++ b/src/cmark.h @@ -552,13 +552,13 @@ char *cmark_render_latex(cmark_node *root, int options, int width); */ #define CMARK_OPT_HARDBREAKS (1 << 2) -/** Suppress raw HTML and unsafe links (`javascript:`, `vbscript:`, +/** Render raw HTML and unsafe links (`javascript:`, `vbscript:`, * `file:`, and `data:`, except for `image/png`, `image/gif`, - * `image/jpeg`, or `image/webp` mime types). Raw HTML is replaced - * by a placeholder HTML comment. Unsafe links are replaced by - * empty strings. + * `image/jpeg`, or `image/webp` mime types). By default, + * raw HTML is replaced by a placeholder HTML comment. Unsafe + * links are replaced by empty strings. */ -#define CMARK_OPT_SAFE (1 << 3) +#define CMARK_OPT_UNSAFE (1 << 17) /** Render `softbreak` elements as spaces. */ |
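Review bot: In the rewritten doc comment for CMARK_OPT_UNSAFE, the parenthetical "except for `image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types" now follows "Render raw HTML and unsafe links", so it reads as if the flag declines to render those image `data:` URIs, when the exception is there to define which links count as unsafe. Suggest stating the flag's effect first and the definition of an unsafe link second, and adding a sentence that output rendered with this flag contains the input's raw HTML and links unfiltered, so callers handling untrusted Markdown need their own sanitizing step. Separately, the define moves from (1 << 3) to (1 << 17) and nothing in the hunk marks bit 3 as retired; a one-line comment reserving it would keep a later option from being assigned the value that older callers and bindings still pass for CMARK_OPT_SAFE.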