summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/Core/Helper.php2
-rw-r--r--app/constants.php2
-rw-r--r--config.default.php3
3 files changed, 6 insertions, 1 deletions
diff --git a/app/Core/Helper.php b/app/Core/Helper.php
index 34a5e6ab..1dea832a 100644
--- a/app/Core/Helper.php
+++ b/app/Core/Helper.php
@@ -502,7 +502,7 @@ class Helper
public function markdown($text, array $link = array())
{
$parser = new Markdown($link, $this);
- $parser->setMarkupEscaped(true);
+ $parser->setMarkupEscaped(MARKDOWN_ESCAPED);
return $parser->text($text);
}
diff --git a/app/constants.php b/app/constants.php
index 82d26f2c..8c23da81 100644
--- a/app/constants.php
+++ b/app/constants.php
@@ -74,3 +74,5 @@ defined('ENABLE_XFRAME') or define('ENABLE_XFRAME', true);
// Default files directory
defined('FILES_DIR') or define('FILES_DIR', 'data/files/');
+// Escape html inside markdown text
+define('MARKDOWN_ESCAPED', true);
diff --git a/config.default.php b/config.default.php
index eb9ad1b8..0306ea35 100644
--- a/config.default.php
+++ b/config.default.php
@@ -127,3 +127,6 @@ define('ENABLE_HSTS', true);
// Enable or disable "X-Frame-Options: DENY" HTTP header
define('ENABLE_XFRAME', true);
+
+// Escape html inside markdown text
+define('MARKDOWN_ESCAPED', true);
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-23 20:08:14 +0000