mirror/parsedown
1
0
Fork 0
mirror of https://github.com/erusev/parsedown.git synced 2023-08-10 21:13:06 +03:00
Code Releases Activity

Bigger headings in readme

Browse Source
This commit is contained in:
Emanuil Rusev 2018-12-27 22:32:54 +02:00 committed by GitHub
parent 18eaa649b5
commit 0f0987571d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -12,7 +12,7 @@ Better Markdown Parser in PHP
[Tests](http://parsedown.org/tests/) | [Tests](http://parsedown.org/tests/) |
[Documentation](https://github.com/erusev/parsedown/wiki/) [Documentation](https://github.com/erusev/parsedown/wiki/)
### Features ## Features
* One File * One File
* No Dependencies * No Dependencies
@ -22,7 +22,8 @@ Better Markdown Parser in PHP
* Tested in 5.3 to 7.2 and in HHVM * Tested in 5.3 to 7.2 and in HHVM
* [Markdown Extra extension](https://github.com/erusev/parsedown-extra) * [Markdown Extra extension](https://github.com/erusev/parsedown-extra)
### Installation ## Installation
#### Composer #### Composer
Install the [composer package] by running the following command: Install the [composer package] by running the following command:
@ -35,7 +36,7 @@ Install the [composer package] by running the following command:
[composer package]: https://packagist.org/packages/erusev/parsedown "The Parsedown package on packagist.org" [composer package]: https://packagist.org/packages/erusev/parsedown "The Parsedown package on packagist.org"
[latest release]: https://github.com/erusev/parsedown/releases/latest "The latest release of Parsedown" [latest release]: https://github.com/erusev/parsedown/releases/latest "The latest release of Parsedown"
### Example ## Example
``` php ``` php
$Parsedown = new Parsedown(); $Parsedown = new Parsedown();
@ -47,7 +48,7 @@ echo $Parsedown->line('Hello _Parsedown_!'); # prints: Hello <em>Parsedown</em>!
More examples in [the wiki](https://github.com/erusev/parsedown/wiki/) and in [this video tutorial](http://youtu.be/wYZBY8DEikI). More examples in [the wiki](https://github.com/erusev/parsedown/wiki/) and in [this video tutorial](http://youtu.be/wYZBY8DEikI).
### Security ## Security
Parsedown is capable of escaping user-input within the HTML that it generates. Additionally Parsedown will apply sanitisation to additional scripting vectors (such as scripting link destinations) that are introduced by the markdown syntax itself. Parsedown is capable of escaping user-input within the HTML that it generates. Additionally Parsedown will apply sanitisation to additional scripting vectors (such as scripting link destinations) that are introduced by the markdown syntax itself.
@ -65,7 +66,7 @@ In both cases you should strongly consider employing defence-in-depth measures,
Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS. Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS.
### Escaping HTML ## Escaping HTML
> ⚠️  **WARNING:** This method isn't safe from XSS! > ⚠️  **WARNING:** This method isn't safe from XSS!
If you wish to escape HTML **in trusted input**, you can use the following: If you wish to escape HTML **in trusted input**, you can use the following:
@ -76,7 +77,7 @@ $parsedown->setMarkupEscaped(true);
Beware that this still allows users to insert unsafe scripting vectors, such as links like `[xss](javascript:alert%281%29)`. Beware that this still allows users to insert unsafe scripting vectors, such as links like `[xss](javascript:alert%281%29)`.
### Questions ## Questions
**How does Parsedown work?** **How does Parsedown work?**