Kholid060 / MkDown2

Online markdown editor
https://mkdown.vercel.app
MIT License

[Suggestion] Patch XSS #178

Closed ahsan-a closed 3 years ago

ahsan-a commented 3 years ago

Inputting something along the lines of:

<img src=x onerror="alert('xss test')"/>

would make the JS in onerror execute. There are a couple of libraries to patch this, such as DOMPurify. However, it's up to you whether you reckon this is necessary. The XSS wouldn't harm anyone as the input field is only accessible by the current user. However, it could be something you may want to consider patching.

Cool editor btw! I've switched from stackedit to this.
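What the report describes, as an added illustration that is not MkDown2's code: an allowlist sanitizer run over the HTML a markdown renderer emits, so the reported `<img src=x onerror=...>` payload reaches innerHTML without its handler. It only shows the mechanism; the editor itself should use a maintained library such as DOMPurify, as suggested above.

```javascript
// Illustrative allowlist sanitizer (added example, not MkDown2's code). Tags and
// attributes not on the lists are dropped, which removes every on* handler, and
// href/src values must be relative or http(s)/mailto, which blocks javascript: and data:.
const ALLOWED_TAGS = new Set(['p', 'b', 'i', 'em', 'strong', 'code', 'pre', 'a', 'img',
  'ul', 'ol', 'li', 'br', 'h1', 'h2', 'h3']);
const ALLOWED_ATTRS = new Set(['href', 'src', 'alt', 'title']);
// Absolute http(s)/mailto, root-relative, fragment, or a plain relative path.
const SAFE_URL = /^(?:https?:\/\/|mailto:|\/|#|[\w.\/~%-]+$)/i;

function sanitizeAttrs(attrText) {
  const out = [];
  // Matches name="value", name='value', name=value, or a bare name.
  const re = /([^\s=\/"'<>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(attrText)) !== null) {
    const name = m[1].toLowerCase();
    const value = (m[2] ?? m[3] ?? m[4] ?? '').trim();
    if (!ALLOWED_ATTRS.has(name)) continue;                       // onerror, onload, style...
    if ((name === 'href' || name === 'src') && !SAFE_URL.test(value)) continue;
    out.push(` ${name}="${value.replace(/"/g, '&quot;')}"`);
  }
  return out.join('');
}

function sanitizeHtml(html) {
  // Remove script/style elements with their bodies, then rebuild each remaining
  // tag from its allowlisted parts; text content is left untouched.
  const stripped = html.replace(/<(script|style)\b[^>]*>[\s\S]*?<\/\1\s*>/gi, '');
  return stripped.replace(/<\s*(\/?)\s*([a-zA-Z][\w-]*)([^>]*)>/g, (_, close, tag, attrs) => {
    const name = tag.toLowerCase();
    if (!ALLOWED_TAGS.has(name)) return '';                      // drop the tag, keep its text
    if (close) return `</${name}>`;
    const selfClose = /\/\s*$/.test(attrs) ? ' /' : '';
    return `<${name}${sanitizeAttrs(attrs.replace(/\/\s*$/, ''))}${selfClose}>`;
  });
}

// The payload from the report, as a constructed input for this example.
const reported = '<img src=x onerror="alert(\'xss test\')"/>';
console.log(sanitizeHtml(reported)); // <img src="x" />
```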

Kholid060 commented 3 years ago

Sorry for the late reply, and thank you for your suggestion. I have fixed the XSS issue in 49ed89cc8e256897a5ee3a650f128fc488adf96c