Closed GoogleCodeExporter closed 8 years ago
Note: either the wiki here or by a mistake of cut 'n paste the input to trigger
this
bug is slightly wrong in the main bug description. The input must be:
{{{{Python}
from markdown2 import markdown
test = """
![a][b]
[b]: http://static.reddit.com/reddit.com.header.png" onload="alert('javascript
injected')
"""
print markdown(test, safe_mode=True)
}}}
Original comment by tre...@gmail.com
on 30 Sep 2009 at 6:00
Test case added (cd test && python test.py issue30) and fix in r212. I'll do a
markdown2 1.0.1.15 release shortly for this.
Original comment by tre...@gmail.com
on 30 Sep 2009 at 6:21
Original issue reported on code.google.com by
c2531...@tyldd.com
on 29 Sep 2009 at 5:29