Closed FroMage closed 9 years ago
It currently allows users to "escape" the place they are supposed to be at with for example the following HTML template:
<p> This contains the text: <div id="user-content">${mdContent}</div> </p>
One can then create Markdown content such as:
In the box </div></p> <p> Outside the box, looks like part of the site now <a href="malicious-link">go there to reset your password please</a> </p>
I need a way to escape every unescaped < character from the input.
<
Added a panicMode, fixed with 00fa65a963e18370569ddc73423511b85e01e0aa
Thanks! I'll try it out!
Yes, works, thanks!
It currently allows users to "escape" the place they are supposed to be at with for example the following HTML template:
One can then create Markdown content such as:
I need a way to escape every unescaped
<
character from the input.