Skip to content

Commit

Permalink
turn on XSS protection by default
Browse files Browse the repository at this point in the history
  • Loading branch information
tamlok committed Jun 19, 2024
1 parent 9a97186 commit 74e20dc
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions src/core/mainconfig.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -119,4 +119,5 @@ QString MainConfig::getVersion(const QJsonObject &p_jobj)
void MainConfig::doVersionSpecificOverride()
{
// In a new version, we may want to change one value by force.
m_editorConfig->getMarkdownEditorConfig().m_protectFromXss = true;
}
2 changes: 1 addition & 1 deletion src/core/markdowneditorconfig.h
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ namespace vnotex
bool m_fetchImagesInParseAndPaste = true;

// Whether protect from Cross-Site Scripting.
bool m_protectFromXss = false;
bool m_protectFromXss = true;

// Whether allow HTML tag in Markdown source.
bool m_htmlTagEnabled = true;
Expand Down
2 changes: 1 addition & 1 deletion src/data/core/vnotex.json
Original file line number Diff line number Diff line change
Expand Up @@ -462,7 +462,7 @@
"//comment" : "Whether fetch images to local in Parse To Markdown And Paste",
"fetch_images_in_parse_and_paste" : true,
"//comment" : "Whether protect from Cross-Site Scripting attack",
"protect_from_xss" : false,
"protect_from_xss" : true,
"//comment" : "Whether allow HTML tags in source",
"html_tag" : true,
"//comment" : "Whether auto break a line with '\\n'",
Expand Down

0 comments on commit 74e20dc

Please sign in to comment.