Skip to content

Commit

Permalink
Fix wild md rendering issue with accidental script tag
Browse files Browse the repository at this point in the history
  • Loading branch information
@MaddyGuthridge
MaddyGuthridge committed Sep 6, 2024
1 parent 369d2e8 commit 883356b
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 1 deletion.
8 changes: 8 additions & 0 deletions docs/api.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,11 @@
- "_get_tag_pre_content"
- "_render"
- "_escape_children"

::: pyhtml.SelfClosingTag
options:
members:

::: pyhtml.WhitespaceSensitiveTag
options:
members:
2 changes: 1 addition & 1 deletion pyhtml/__tag_base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ def _escape_children(self) -> bool:
By default, all string content should be escaped to prevent security
vulnerabilities such as XSS, but this is disabled for certain tags such
as <script>.
as `<script>`.
"""
return True

Expand Down

0 comments on commit 883356b

Please sign in to comment.