@uiw/react-md-editor 3.9.1 → 3.9.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +35 -0
- package/dist/mdeditor.css +690 -0
- package/dist/mdeditor.js +73344 -0
- package/dist/mdeditor.min.css +1 -0
- package/dist/mdeditor.min.js +2 -0
- package/dist/mdeditor.min.js.LICENSE.txt +49 -0
- package/esm/components/TextArea/handleKeyDown.js +6 -0
- package/esm/components/TextArea/handleKeyDown.js.map +2 -2
- package/esm/components/TextArea/index.css +1 -2
- package/esm/components/Toolbar/index.js +15 -3
- package/esm/components/Toolbar/index.js.map +7 -2
- package/lib/components/TextArea/handleKeyDown.js +6 -0
- package/lib/components/TextArea/handleKeyDown.js.map +2 -2
- package/lib/components/Toolbar/index.js +15 -2
- package/lib/components/Toolbar/index.js.map +6 -2
- package/markdown-editor.css +1 -2
- package/package.json +15 -19
- package/src/__test__/commands.test.tsx +512 -0
- package/src/__test__/editor.test.tsx +63 -0
- package/src/__test__/utils/getSurroundingWord.test.tsx +22 -0
- package/src/components/TextArea/handleKeyDown.tsx +8 -0
- package/src/components/Toolbar/index.tsx +15 -3
package/README.md
CHANGED
|
@@ -71,6 +71,35 @@ export default function App() {
|
|
|
71
71
|
}
|
|
72
72
|
```
|
|
73
73
|
|
|
74
|
+
### Security
|
|
75
|
+
Please note markdown needs to be sanitized if you do not **completely trust** your authors.
|
|
76
|
+
Otherwise, your app is vulnerable to XSS. This can be achieved by adding [rehype-sanitize](https://github.com/rehypejs/rehype-sanitize) as a plugin.
|
|
77
|
+
|
|
78
|
+
```jsx
|
|
79
|
+
import React from "react";
|
|
80
|
+
import MDEditor from '@uiw/react-md-editor';
|
|
81
|
+
import rehypeSanitize from "rehype-sanitize";
|
|
82
|
+
|
|
83
|
+
export default function App() {
|
|
84
|
+
const [value, setValue] = React.useState("**Hello world!!!** <IFRAME SRC="javascript:javascript:alert(window.origin);"></IFRAME>");
|
|
85
|
+
return (
|
|
86
|
+
<div className="container">
|
|
87
|
+
<MDEditor
|
|
88
|
+
value={value}
|
|
89
|
+
onChange={setValue}
|
|
90
|
+
previewOptions={{
|
|
91
|
+
rehypePlugins: [[rehypeSanitize]],
|
|
92
|
+
}}
|
|
93
|
+
/>
|
|
94
|
+
<MDEditor.Markdown
|
|
95
|
+
source={value}
|
|
96
|
+
rehypePlugins={[[rehypeSanitize]]}
|
|
97
|
+
/>
|
|
98
|
+
</div>
|
|
99
|
+
);
|
|
100
|
+
}
|
|
101
|
+
```
|
|
102
|
+
|
|
74
103
|
### Custom Toolbars
|
|
75
104
|
|
|
76
105
|
[](https://codesandbox.io/embed/react-md-editor-custom-toolbars-m2n10?fontsize=14&hidenavigation=1&theme=dark)
|
|
@@ -434,6 +463,12 @@ npm run start # Preview code example.
|
|
|
434
463
|
- [@uiw/react-markdown-editor](https://github.com/uiwjs/react-markdown-editor): A markdown editor with preview, implemented with React.js and TypeScript.
|
|
435
464
|
- [@uiw/react-markdown-preview](https://github.com/uiwjs/react-markdown-preview): React component preview markdown text in web browser.
|
|
436
465
|
|
|
466
|
+
## Contributors
|
|
467
|
+
|
|
468
|
+
<a href="https://github.com/uiwjs/react-md-editor/graphs/contributors">
|
|
469
|
+
<img src="https://uiwjs.github.io/react-md-editor/CONTRIBUTORS.svg" />
|
|
470
|
+
</a>
|
|
471
|
+
|
|
437
472
|
### License
|
|
438
473
|
|
|
439
474
|
Licensed under the MIT License.
|