<iframe> tags don't properly render

[Kilenaitor]

Input:

<iframe width="560" height="315" src="https://www.youtube.com/embed/J_CFBjAyPWE" frameborder="0" allow="autoplay; encrypted-media"></iframe>

Output:

<div>
&lt;iframe width="560" height="315" src="https://www.youtube.com/embed/J_CFBjAyPWE" frameborder="0" allow="autoplay; encrypted-media"&gt;
</div>

Render Function:

private function markdownToHTML(string $markdown): string {
  $markdown = preg_replace('~\r\n?~', "\n", $markdown);
  $ctx = (new Markdown\ParserContext())->enableHTML_UNSAFE();
  $ast = Markdown\parse($ctx, $markdown);
  return (new Markdown\HTMLRenderer(new Markdown\RenderContext()))->render($ast);
}

Tested on version 1.0. Tested with iframe embed links from YouTube and Facebook and neither rendered.

Looks like they're treated as raw text, since the < and > are being escaped. Not sure what the exact bug is as raw HTML normally works fine, like Twitter embeds which use <blockquote>s.

I'm also sure the strings are valid since I tested with other markdown renderers.

[fredemmott]

This is the GitHub Flavored Markdown render extension (this rendering is correct for GFM), with a short blacklist of tags; it's not currently possible to disable a specific extension, but I'll add it.