Closed uberFoo closed 2 months ago
Welcome @uberFoo! 👋 Sorry you ran into some confusion.
The crate does not quote the HTML, it does escape it and prevent it from opening your app up to XSS by default. https://github.com/wooorm/markdown-rs?tab=readme-ov-file#security
This can be configured with the options noted in the readme, if you trust the content being pass through.
Super — I must have missed that. Thank you!
This crate quotes embedded HTML rather than passing it through, as the CommonMark crate suggests.
Am I missing an option or something?
Thanks for the help!