Skip to content

Commit

Permalink
Add notes on security
Browse files Browse the repository at this point in the history
  • Loading branch information
@wooorm
wooorm authored Jul 18, 2019
1 parent 8b34031 commit 9e0b68c
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,12 @@ If no value is found, the algorithm checks the children of `node` and joins them
> This is not a markdown to plain-text library.
> Use [`strip-markdown`][strip-markdown] for that.
## Security

Use of `mdast-util-to-string` does not involve [**hast**][hast], user content,
or change the tree, so there are no openings for
[cross-site scripting (XSS)][xss] attacks.

## Related

* [`nlcst-to-string`](https://github.com/syntax-tree/nlcst-to-string)
Expand Down Expand Up @@ -113,3 +119,7 @@ abide by its terms.
[node]: https://github.com/syntax-tree/mdast#nodes

[strip-markdown]: https://github.com/remarkjs/strip-markdown

[xss]: https://en.wikipedia.org/wiki/Cross-site_scripting

[hast]: https://github.com/syntax-tree/hast

0 comments on commit 9e0b68c

Please sign in to comment.