sanitize markdown before rendering to prevent XSS

draw rainbox borders on element redraws in vdom method. This lets us see what being redrawn, as the vdom.diff method is breaking a few things.
2016-01-30 13:54:12 +01:00
parent 13f5371199
commit 2e3b424a1a
2 changed files with 75 additions and 17 deletions
--- a/www/md/main.js
+++ b/www/md/main.js
@@ -22,6 +22,10 @@ define([
    var $textarea = $('textarea'),
        $target = $('#target');

+    Marked.setOptions({
+        sanitize: true
+    });
+
    var draw = function (content) {
        // draw stuff
        $target.html(Marked(content));