@@ -67,12 +67,17 @@ renderer.render(document); // "<p>This is <em>Sparta</em></p>\n"
6767```
6868
6969This uses the parser and renderer with default options. Both builders have
70- methods for configuring their behavior, e.g. calling ` escapeHtml(true) ` on
71- ` HtmlRenderer ` will escape raw HTML tags and blocks. For all available
72- options, see methods on the builders.
70+ methods for configuring their behavior:
7371
74- Note that this library doesn't try to sanitize the resulting HTML; that is
75- the responsibility of the caller.
72+ * ` escapeHtml(true) ` on ` HtmlRenderer ` will escape raw HTML tags and blocks.
73+ * ` sanitizeUrls(true) ` on ` HtmlRenderer ` will strip potentially unsafe URLs
74+ from ` <a> ` and ` <img> ` tags
75+ * For all available options, see methods on the builders.
76+
77+ Note that this library doesn't try to sanitize the resulting HTML with regards
78+ to which tags are allowed, etc. That is the responsibility of the caller, and
79+ if you expose the resulting HTML, you probably want to run a sanitizer on it
80+ after this.
7681
7782For rendering to plain text, there's also a ` TextContentRenderer ` with
7883a very similar API.
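Review bot: The new `sanitizeUrls(true)` bullet says it strips "potentially unsafe URLs" from `<a>` and `<img>` tags but never says what counts as unsafe, so a reader cannot tell what the option covers. State the criterion in the bullet or point to the builder method's documentation, and say whether this option and `escapeHtml` are off unless enabled, since the paragraph above only mentions "default options". The closing note is also softer than the text it replaces: "you probably want to run a sanitizer" reads as optional even though the same sentence says tag filtering is the caller's responsibility, so consider wording it as a requirement whenever the input is untrusted. Minor: the `sanitizeUrls` bullet is missing the trailing period its neighbours have, and "with regards to" should be "with regard to".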