diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 22 |
1 files changed, 15 insertions, 7 deletions
@@ -2,7 +2,7 @@ CommonMark ========== CommonMark is a [specification of Markdown syntax][the spec], -together with BSD3-licensed implementations (`stmd`) in C and javascript. +together with BSD3-licensed implementations (`stmd`) in C and JavaScript. The implementations ------------------- @@ -20,15 +20,23 @@ tarball.) --ast Print AST instead of HTML --version Print version -The javascript implementation is a single javascript file, with -no dependencies, that can be linked to in an HTML page. A standalone -version (using `node.js`) is also provided (`js/markdown`), and there is -a "dingus" for playing with it interactively. (`make dingus` will start -this.) +The JavaScript implementation is a single JavaScript file, with +no dependencies, that can be linked to in an HTML page. (To build, +it, do `make js/stmd.js`---this requires `browserify`, which you can +get using `npm install -g browserify`.) A command-line +version (using `node.js`) is also provided (`js/bin/markdown`), and +there is a "dingus" for playing with it interactively. (`make dingus` +will start this.) [Try it now!](http://jgm.github.io/stmd/js/) -[The spec] contains over 400 embedded examples which serve as conformance +Note that neither implementation attempts to sanitize link attributes or +raw HTML. If you use these libraries in applications that accept +untrusted user input, you must run the output through an HTML +sanitizer to protect against +[XSS attacks](http://en.wikipedia.org/wiki/Cross-site_scripting). + +[The spec] contains over 450 embedded examples which serve as conformance tests. To run the tests for `stmd`, do `make test`. To run them for another Markdown program, say `myprog`, do `make test PROG=myprog`. To run the tests for `stmd.js`, do `make testjs`. |