EnzoMartin
commented
10 years ago Just ran into this issue, glad to see someone already submitted a fix for it, thanks
Open eviltrout opened 11 years ago
EnzoMartin
commented
10 years ago Just ran into this issue, glad to see someone already submitted a fix for it, thanks
peterbraden
commented
10 years ago Is there some reason this hasn't been merged? I'd really like to use this.
eviltrout
commented
10 years ago Bump here -- is there a good reason not to merge this? It is behind an option so it should not affect anyone who doesn't want it.
While sanitization is an important feature of a markdown parser, it is sometimes useful to disable it. For example, on Discourse we have our own sanitizer that is executed further down the pipeline after the markdown has been rendered, so we needn't execute the sanitization twice. Also, ours is a little more flexible and allows particular tags to be whitelisted.
This patch supports an option,
sanitize: false, when rendering, to not perform sanitization. This option is not set by default so the existing behaviour stays the same unless expressly disabled.Note this patch is based on the src attribute PR because it includes two rendering tests which belong to a newly introduced file in that PR.