修复直接使用 xss + markdown-it-sanitizer 导致的问题

hinesboy / mavonEditor

mavonEditor - A markdown editor based on Vue that supports a variety of personalized features

http://www.mavoneditor.com/

MIT License

6.45k stars 918 forks source link

Closed yzyeengang closed 4 years ago

yzyeengang commented 4 years ago

详见issues #567 markdown-it-sanitizer太久没更新，过时了。而且我觉得没必要value和render都使用sanitizer来防止xss，render部分使用就行，所以我将xss改成了markdown-it插件模式，并且增加了自定义过滤条件的可配置性

hinesboy commented 4 years ago

抱歉！我修复此问题后，发现您宝贵的PR，思路一致。感谢+抱歉！