jspdf-md-renderer 4.0.1 → 4.1.0

package/dist/index.mjs

@@ -73,7 +73,8 @@ const IMAGE_WITH_ATTRS_REGEX = /(!\[[^\]]*\]\()([^)]+)(\))\s*\{([^}]+)\}/g;
 * - Quoted values: width="200.5" or width='200'
 * - Decimal values: width=200.5
 */
-const ATTR_PAIR_REGEX = /(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)'|(\S+))/g;
+const ATTR_PAIR_REGEX = /(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([\w.+-]+))/g;
+const MAX_ATTR_BLOCK_LENGTH = 500;
 /** Valid alignment values */
 const VALID_ALIGNMENTS = [
 	"left",
@@ -97,6 +98,11 @@ const encodeAttrsToFragment = (attrs) => {
 */
 const parseRawAttributes = (attrString) => {
 	const attrs = {};
+	if (attrString.length > MAX_ATTR_BLOCK_LENGTH) {
+		console.warn(`[jspdf-md-renderer] Image attribute block too long (${attrString.length} chars), skipping attribute parsing.`);
+		return attrs;
+	}
+	ATTR_PAIR_REGEX.lastIndex = 0;
 	let match;
 	while ((match = ATTR_PAIR_REGEX.exec(attrString)) !== null) {
 		const key = match[1].toLowerCase();
@@ -406,11 +412,367 @@ const withSavedDocState = (doc, fn) => {
 	}
 };
 //#endregion
+//#region src/types/security.ts
+var SecurityViolationError = class extends Error {
+	constructor(violation) {
+		super(violation.message);
+		this.name = "SecurityViolationError";
+		this.violation = violation;
+	}
+};
+//#endregion
+//#region src/security/security-policy.ts
+const DEFAULT_SECURITY = {
+	enabled: false,
+	allowedLinkProtocols: [
+		"https:",
+		"http:",
+		"mailto:",
+		"tel:"
+	],
+	disablePdfLinks: false,
+	allowRemoteImages: true,
+	allowedImageProtocols: ["https:", "http:"],
+	allowedImageDomains: void 0,
+	allowDataUrls: true,
+	allowSvgImages: true,
+	blockLocalhost: true,
+	blockPrivateIPs: true,
+	blockLinkLocalIPs: true,
+	blockMetadataIPs: true,
+	maxMarkdownLength: 5e5,
+	maxImageCount: 200,
+	maxImageSizeBytes: 10 * 1024 * 1024,
+	maxNestedDepth: 20,
+	renderTimeoutMs: 3e4,
+	violationMode: "skip",
+	placeholderText: "[blocked]",
+	placeholderImageText: "[blocked image]"
+};
+const normalizeProtocol = (v) => `${v.trim().toLowerCase().replace(/:$/, "")}:`;
+const normalizeDomain = (v) => v.trim().toLowerCase();
+const clampInteger = (value, min, max) => Math.min(max, Math.max(min, Math.floor(value)));
+const isNodeEnvironment = () => typeof process !== "undefined" && process.versions != null && process.versions.node != null;
+/**
+* Merges user-provided security config with safe defaults and
+* validates/clamps numeric and enum fields.
+*/
+const normalizeSecurityOptions = (security) => {
+	if (!security) return { ...DEFAULT_SECURITY };
+	const merged = {
+		...DEFAULT_SECURITY,
+		...security,
+		allowedLinkProtocols: security.allowedLinkProtocols?.map(normalizeProtocol) ?? DEFAULT_SECURITY.allowedLinkProtocols,
+		allowedImageProtocols: security.allowedImageProtocols?.map(normalizeProtocol) ?? DEFAULT_SECURITY.allowedImageProtocols,
+		allowedImageDomains: security.allowedImageDomains !== void 0 ? security.allowedImageDomains.map(normalizeDomain) : DEFAULT_SECURITY.allowedImageDomains
+	};
+	if (![
+		"skip",
+		"throw",
+		"placeholder"
+	].includes(merged.violationMode || "skip")) throw new Error("[jspdf-md-renderer] security.violationMode must be skip | throw | placeholder");
+	for (const field of [
+		"maxMarkdownLength",
+		"maxImageCount",
+		"maxImageSizeBytes",
+		"maxNestedDepth",
+		"renderTimeoutMs"
+	]) {
+		const value = merged[field];
+		if (value !== void 0 && (!Number.isFinite(value) || value < 0)) throw new Error(`[jspdf-md-renderer] security.${field} must be a non-negative number`);
+	}
+	merged.maxMarkdownLength = clampInteger(merged.maxMarkdownLength || 0, 0, 5e6);
+	merged.maxImageCount = clampInteger(merged.maxImageCount || 0, 0, 1e4);
+	merged.maxImageSizeBytes = clampInteger(merged.maxImageSizeBytes || 0, 0, 100 * 1024 * 1024);
+	merged.maxNestedDepth = clampInteger(merged.maxNestedDepth || 0, 0, 100);
+	merged.renderTimeoutMs = clampInteger(merged.renderTimeoutMs || 0, 0, 3e5);
+	return merged;
+};
+const metadataHosts = new Set([
+	"metadata.google.internal",
+	"metadata",
+	"instance-data"
+]);
+const isIPv4InCidr = (ip, cidrBase, cidrMask) => {
+	const toNum = (s) => s.split(".").reduce((acc, part) => (acc << 8) + Number(part), 0) >>> 0;
+	const ipNum = toNum(ip);
+	const baseNum = toNum(cidrBase);
+	const mask = cidrMask === 0 ? 0 : 4294967295 << 32 - cidrMask >>> 0;
+	return (ipNum & mask) === (baseNum & mask);
+};
+const isLocalhostHost = (host) => host === "localhost" || host === "127.0.0.1" || host === "::1" || host === "[::1]";
+const isPrivateIPv4 = (ip) => isIPv4InCidr(ip, "10.0.0.0", 8) || isIPv4InCidr(ip, "172.16.0.0", 12) || isIPv4InCidr(ip, "192.168.0.0", 16);
+const isLinkLocalIPv4 = (ip) => isIPv4InCidr(ip, "169.254.0.0", 16);
+const isMetadataIP = (ip) => ip === "169.254.169.254" || ip === "100.100.100.200";
+/**
+* Parses an IPv6 address string into a BigInt for range comparison.
+* Supports compressed and IPv4-mapped forms.
+*/
+const parseIPv6ToBigInt = (ip) => {
+	let stripped = ip.replace(/^\[|\]$/g, "").toLowerCase();
+	if (stripped.includes(".")) {
+		const lastColon = stripped.lastIndexOf(":");
+		if (lastColon < 0) return null;
+		const ipv4Part = stripped.slice(lastColon + 1);
+		const prefix = stripped.slice(0, lastColon);
+		const parts = ipv4Part.split(".").map(Number);
+		if (parts.length !== 4 || parts.some((p) => Number.isNaN(p) || p < 0 || p > 255)) return null;
+		stripped = `${prefix}:${(parts[0] << 8 | parts[1]).toString(16)}:${(parts[2] << 8 | parts[3]).toString(16)}`;
+	}
+	let expanded = stripped;
+	if (expanded.includes("::")) {
+		const parts = expanded.split("::");
+		if (parts.length !== 2) return null;
+		const leftGroups = parts[0] ? parts[0].split(":") : [];
+		const rightGroups = parts[1] ? parts[1].split(":") : [];
+		const missing = 8 - leftGroups.length - rightGroups.length;
+		if (missing < 0) return null;
+		expanded = [
+			...leftGroups,
+			...Array(missing).fill("0"),
+			...rightGroups
+		].join(":");
+	}
+	const groups = expanded.split(":");
+	if (groups.length !== 8) return null;
+	try {
+		return groups.reduce((acc, g) => {
+			const n = parseInt(g || "0", 16);
+			if (Number.isNaN(n)) throw new Error("invalid hex");
+			return (acc << 16n) + BigInt(n);
+		}, 0n);
+	} catch {
+		return null;
+	}
+};
+const MAX_IPV6 = (1n << 128n) - 1n;
+const isIPv6InRange = (ip, prefixBigInt, prefixLength) => {
+	const ipNum = parseIPv6ToBigInt(ip);
+	if (ipNum === null) return false;
+	const mask = prefixLength === 0 ? 0n : MAX_IPV6 << BigInt(128 - prefixLength) & MAX_IPV6;
+	return (ipNum & mask) === (prefixBigInt & mask);
+};
+const isLoopbackIPv6 = (ip) => {
+	return parseIPv6ToBigInt(ip) === 1n;
+};
+const isUniqueLocalIPv6 = (ip) => isIPv6InRange(ip, 64512n << 112n, 7);
+const isLinkLocalIPv6 = (ip) => isIPv6InRange(ip, 65152n << 112n, 10);
+const extractIPv4Mapped = (ip) => {
+	const stripped = ip.replace(/^\[|\]$/g, "");
+	const dottedMatch = stripped.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i);
+	if (dottedMatch) return dottedMatch[1];
+	const ipNum = parseIPv6ToBigInt(stripped);
+	if (ipNum === null) return null;
+	if (ipNum >> 32n !== 65535n) return null;
+	const low32 = Number(ipNum & 4294967295n);
+	return `${low32 >>> 24 & 255}.${low32 >>> 16 & 255}.${low32 >>> 8 & 255}.${low32 & 255}`;
+};
+const isIPv4MappedPrivate = (ip) => {
+	const mapped = extractIPv4Mapped(ip);
+	return mapped ? isPrivateIPv4(mapped) : false;
+};
+const isIPv4MappedLinkLocal = (ip) => {
+	const mapped = extractIPv4Mapped(ip);
+	return mapped ? isLinkLocalIPv4(mapped) : false;
+};
+const isIPv4MappedMetadata = (ip) => {
+	const mapped = extractIPv4Mapped(ip);
+	return mapped ? isMetadataIP(mapped) : false;
+};
+/**
+* Resolves a hostname to IP addresses.
+* Returns null when resolution is unavailable (browser runtime).
+*/
+const resolveHostToIPs = async (host) => {
+	const stripped = host.replace(/^\[|\]$/g, "");
+	if (/^\d{1,3}(\.\d{1,3}){3}$/.test(stripped)) return [stripped];
+	if (stripped.includes(":")) return [stripped];
+	if (!isNodeEnvironment()) return null;
+	try {
+		return (await (await import("node:dns")).promises.lookup(stripped, { all: true })).map((entry) => entry.address);
+	} catch {
+		return [];
+	}
+};
+/**
+* Returns the action the caller should take for the violating element.
+* Throws SecurityViolationError when violationMode is 'throw'.
+*/
+const handleSecurityViolation = (security, violation) => {
+	const fullViolation = {
+		...violation,
+		timestamp: (/* @__PURE__ */ new Date()).toISOString()
+	};
+	try {
+		security.onSecurityViolation?.(fullViolation);
+	} catch (error) {
+		console.warn("[jspdf-md-renderer] security.onSecurityViolation callback failed:", error);
+	}
+	const mode = security.violationMode || "skip";
+	if (mode === "throw") throw new SecurityViolationError(fullViolation);
+	if (mode === "placeholder") return "placeholder";
+	return "skip";
+};
+const createViolation = (code, type, message, value, context) => ({
+	code,
+	type,
+	message,
+	value,
+	context
+});
+/**
+* Returns true when:
+* - allowedDomains is undefined (feature not configured, allow all), OR
+* - host matches an entry in the allowlist.
+*
+* An explicitly empty allowedDomains array means no domains are permitted.
+*/
+const isAllowedDomain = (host, allowedDomains) => {
+	if (allowedDomains === void 0) return true;
+	if (allowedDomains.length === 0) return false;
+	return allowedDomains.some((domain) => host === domain || host.endsWith(`.${domain}`));
+};
+const classifyUrl = (raw) => {
+	if (/^[a-zA-Z][a-zA-Z\d+\-.]*:/.test(raw)) return "explicitScheme";
+	if (raw.startsWith("//")) return "protocolRelative";
+	return "relativePath";
+};
+/**
+* Validates link/image URLs against protocol/domain/SSRF rules.
+*
+* URL classification:
+* - Protocol-relative (`//host/path`): treated as external absolute and validated.
+* - Explicit scheme (`https://...`): fully validated.
+* - Relative path (`/x`, `./x`, `../x`, `?x`, `#x`): allowed by default.
+*/
+const validateResourceUrl = async (rawValue, type, security, context) => {
+	const urlClass = classifyUrl(rawValue);
+	if (urlClass === "relativePath") {
+		if (security.validateUrl) {
+			let relativeUrl;
+			try {
+				relativeUrl = new URL(rawValue, "https://relative.local");
+			} catch {
+				handleSecurityViolation(security, createViolation("INVALID_URL", type, "Invalid relative URL", rawValue, context));
+				return false;
+			}
+			if (!await security.validateUrl(relativeUrl, type)) {
+				handleSecurityViolation(security, createViolation("CUSTOM_VALIDATOR_BLOCKED", type, "Custom URL validator rejected relative URL", rawValue, context));
+				return false;
+			}
+		}
+		return true;
+	}
+	let canonicalRaw = rawValue;
+	if (urlClass === "protocolRelative") canonicalRaw = `https:${rawValue}`;
+	let parsed;
+	try {
+		parsed = new URL(canonicalRaw);
+	} catch {
+		handleSecurityViolation(security, createViolation("INVALID_URL", type, "Invalid URL", rawValue, context));
+		return false;
+	}
+	if (urlClass !== "protocolRelative") {
+		const protocol = normalizeProtocol(parsed.protocol);
+		if (!(type === "link" ? security.allowedLinkProtocols || DEFAULT_SECURITY.allowedLinkProtocols : security.allowedImageProtocols || DEFAULT_SECURITY.allowedImageProtocols).includes(protocol)) {
+			handleSecurityViolation(security, createViolation(type === "link" ? "LINK_PROTOCOL_BLOCKED" : "IMAGE_PROTOCOL_BLOCKED", type, `${type} protocol is blocked`, rawValue, context));
+			return false;
+		}
+	}
+	if (type === "image" && !isAllowedDomain(parsed.hostname.toLowerCase(), security.allowedImageDomains)) {
+		handleSecurityViolation(security, createViolation("IMAGE_DOMAIN_BLOCKED", type, "Image domain is blocked", rawValue, context));
+		return false;
+	}
+	const host = parsed.hostname.toLowerCase();
+	if (security.blockLocalhost && isLocalhostHost(host)) {
+		handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "Localhost URL is blocked", rawValue, context));
+		return false;
+	}
+	if (security.blockMetadataIPs && metadataHosts.has(host)) {
+		handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "Metadata host is blocked", rawValue, context));
+		return false;
+	}
+	const ips = await resolveHostToIPs(host);
+	if (ips === null) {
+		if (type === "image") console.warn("[jspdf-md-renderer] Security warning: IP-based SSRF checks (blockPrivateIPs, blockLinkLocalIPs, blockMetadataIPs) cannot be fully enforced in browser environments. Route image fetching through a trusted server-side proxy.");
+	} else for (const ip of ips) {
+		if (security.blockLocalhost && isLocalhostHost(ip)) {
+			handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "Localhost IP is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockPrivateIPs && isPrivateIPv4(ip)) {
+			handleSecurityViolation(security, createViolation("PRIVATE_IP_BLOCKED", type, "Private IP is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockLinkLocalIPs && isLinkLocalIPv4(ip)) {
+			handleSecurityViolation(security, createViolation("LINK_LOCAL_IP_BLOCKED", type, "Link-local IP is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockMetadataIPs && isMetadataIP(ip)) {
+			handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "Metadata IP is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockLocalhost && isLoopbackIPv6(ip)) {
+			handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "IPv6 loopback is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockPrivateIPs && (isUniqueLocalIPv6(ip) || isIPv4MappedPrivate(ip))) {
+			handleSecurityViolation(security, createViolation("PRIVATE_IP_BLOCKED", type, "IPv6 private address is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockLinkLocalIPs && (isLinkLocalIPv6(ip) || isIPv4MappedLinkLocal(ip))) {
+			handleSecurityViolation(security, createViolation("LINK_LOCAL_IP_BLOCKED", type, "IPv6 link-local address is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockMetadataIPs && isIPv4MappedMetadata(ip)) {
+			handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "IPv4-mapped metadata IP is blocked", rawValue, context));
+			return false;
+		}
+	}
+	if (security.validateUrl) {
+		if (!await security.validateUrl(parsed, type)) {
+			handleSecurityViolation(security, createViolation("CUSTOM_VALIDATOR_BLOCKED", type, "Custom URL validator rejected URL", rawValue, context));
+			return false;
+		}
+	}
+	return true;
+};
+/**
+* Returns true when the value is a `data:` URL.
+*/
+const isDataUrl = (value) => value.trim().toLowerCase().startsWith("data:");
+/**
+* Returns true when the value is an SVG data URL.
+*/
+const isSvgDataUrl = (value) => {
+	const normalized = value.trim().toLowerCase();
+	return normalized.startsWith("data:image/svg+xml") || normalized.startsWith("data:image/svg");
+};
+//#endregion
 //#region src/utils/image-utils.ts
 /**
 * Standard DPI for web/screen pixels.
 */
 const DEFAULT_DPI = 96;
+const getDataUrlPayloadByteSize = (dataUrl) => {
+	const commaIndex = dataUrl.indexOf(",");
+	if (commaIndex < 0) return null;
+	const metadata = dataUrl.slice(0, commaIndex).toLowerCase();
+	const payload = dataUrl.slice(commaIndex + 1);
+	if (metadata.includes(";base64")) {
+		const normalized = payload.replace(/\s/g, "");
+		const padding = normalized.match(/=*$/)?.[0].length ?? 0;
+		return Math.floor(normalized.length * 3 / 4) - padding;
+	}
+	try {
+		const decoded = decodeURIComponent(payload);
+		if (typeof TextEncoder !== "undefined") return new TextEncoder().encode(decoded).length;
+		if (typeof Buffer !== "undefined") return Buffer.from(decoded, "utf-8").byteLength;
+		return decoded.length;
+	} catch {
+		return null;
+	}
+};
 /**
 * Converts pixel values to the document's unit system.
 * Uses 96 DPI as the standard web pixel density.
@@ -546,14 +908,84 @@ const calculateImageDimensions = (doc, element, maxWidth, maxHeight, docUnit = "
 * Recursively traverses parsed elements and loads image data for Image tokens.
 * @param elements - The parsed elements to process.
 */
-const prefetchImages = async (elements) => {
+const prefetchImages = async (elements, security) => {
 	for (const element of elements) {
 		if (element.type === "image" && element.src) try {
-			if (element.src.startsWith("data:")) element.data = element.src;
-			else {
-				const response = await fetch(element.src);
+			if (security?.enabled) if (isDataUrl(element.src)) {
+				if (isSvgDataUrl(element.src) && !security.allowSvgImages) {
+					handleSecurityViolation(security, {
+						code: "SVG_BLOCKED",
+						type: "image",
+						message: "SVG images are blocked",
+						value: element.src,
+						context: "image-src"
+					});
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
+				if (!security.allowDataUrls) {
+					handleSecurityViolation(security, {
+						code: "DATA_URL_BLOCKED",
+						type: "image",
+						message: "Data URLs are blocked for images",
+						value: element.src,
+						context: "image-src"
+					});
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
+			} else {
+				if (!security.allowRemoteImages) {
+					handleSecurityViolation(security, {
+						code: "IMAGE_PROTOCOL_BLOCKED",
+						type: "image",
+						message: "Remote images are disabled",
+						value: element.src,
+						context: "image-src"
+					});
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
+				if (!await validateResourceUrl(element.src, "image", security, "image-src")) {
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
+			}
+			if (element.src.startsWith("data:")) {
+				element.data = element.src;
+				const dataUrlBytes = getDataUrlPayloadByteSize(element.data);
+				if (security?.enabled && security.maxImageSizeBytes && dataUrlBytes !== null && dataUrlBytes > security.maxImageSizeBytes) {
+					handleSecurityViolation(security, {
+						code: "IMAGE_SIZE_EXCEEDED",
+						type: "image",
+						message: "Data URL image exceeds maxImageSizeBytes",
+						value: String(dataUrlBytes),
+						context: "data-url-size"
+					});
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
+			} else {
+				const response = await secureImageFetch(element.src, security);
 				if (!response.ok) throw new Error(`Failed to fetch image: ${response.statusText}`);
 				const blob = await response.blob();
+				if (security?.enabled && security.maxImageSizeBytes && blob.size > security.maxImageSizeBytes) {
+					handleSecurityViolation(security, {
+						code: "IMAGE_SIZE_EXCEEDED",
+						type: "image",
+						message: "Fetched image exceeds maxImageSizeBytes",
+						value: String(blob.size),
+						context: "blob-size"
+					});
+					element.data = void 0;
+					element.src = void 0;
+					continue;
+				}
 				element.data = await new Promise((resolve, reject) => {
 					const reader = new FileReader();
 					reader.onloadend = () => {
@@ -589,10 +1021,22 @@ const prefetchImages = async (elements) => {
 				});
 			}
 		} catch (error) {
+			if (error instanceof SecurityViolationError) throw error;
 			console.warn(`[jspdf-md-renderer] Warning: Failed to load image at ${element.src}. It will be skipped.`, error);
 		}
-		if (element.items && element.items.length > 0) await prefetchImages(element.items);
+		if (element.items && element.items.length > 0) await prefetchImages(element.items, security);
+	}
+};
+/**
+* Best-effort remote image fetch hardening.
+* In Node, re-validates URL immediately before fetch to reduce DNS rebind window.
+* In browser runtimes, or when security is undefined/disabled, delegates to normal fetch.
+*/
+const secureImageFetch = async (url, security) => {
+	if (security?.enabled && isNodeEnvironment()) {
+		if (!await validateResourceUrl(url, "image", security, "pre-fetch-recheck")) throw new Error(`[jspdf-md-renderer] URL blocked on pre-fetch recheck: ${url}`);
 	}
+	return fetch(url);
 };
 //#endregion
 //#region src/layout/wordSplitter.ts
@@ -935,10 +1379,12 @@ const renderPlainText = (doc, text, x, y, maxWidth, store, opts = {}) => {
 const renderHeading = (doc, element, indent, store) => {
 	withSavedDocState(doc, () => {
 		const headingKey = `h${element?.depth ?? 1}`;
-		const fontSize = store.options.heading?.[headingKey] ?? store.options.page.defaultFontSize;
+		const fontSize = store.options.heading?.[headingKey] ?? store.options.page.defaultTitleFontSize;
 		const headingColor = store.options.heading?.[`${headingKey}Color`] ?? store.options.heading?.color ?? "#000000";
+		const useBold = store.options.heading?.bold ?? true;
 		doc.setFontSize(fontSize);
-		doc.setFont(store.options.font.bold.name, store.options.font.bold.style || "bold");
+		if (useBold) doc.setFont(store.options.font.bold.name, store.options.font.bold.style || "bold");
+		else doc.setFont(store.options.font.regular.name, store.options.font.regular.style || "normal");
 		doc.setTextColor(headingColor);
 		breakIfOverflow(doc, store, getCharHight(doc) * 1.8);
 		const maxWidth = store.options.page.maxContentWidth - indent;
@@ -1008,10 +1454,11 @@ const renderParagraph = (doc, element, indent, store, parentElementRenderer) =>
 //#region src/renderer/components/list.ts
 const renderList = (doc, element, indentLevel, store, parentElementRenderer) => {
 	doc.setFontSize(store.options.page.defaultFontSize);
+	const listItemGap = store.options.spacing?.betweenListItems ?? 0;
 	for (const [i, point] of element?.items?.entries() ?? []) {
 		const _start = element.ordered ? (element.start ?? 1) + i : void 0;
 		parentElementRenderer(point, indentLevel + 1, store, true, _start, element.ordered);
-		if (i < (element.items?.length ?? 0) - 1) store.updateY(store.options.spacing?.betweenListItems ?? 0, "add");
+		if (i < (element.items?.length ?? 0) - 1) store.updateY(listItemGap, "add");
 	}
 	store.updateY(store.options.spacing?.afterList ?? 3, "add");
 };
@@ -1021,9 +1468,9 @@ const renderList = (doc, element, indentLevel, store, parentElementRenderer) =>
 * Render a single list item, including bullets/numbering, inline text, and any nested lists.
 */
 const renderListItem = (doc, element, indentLevel, store, parentElementRenderer, start, ordered) => {
-	breakIfOverflow(doc, store, getCharHight(doc));
 	const options = store.options;
 	const listOpts = store.options.list ?? {};
+	breakIfOverflow(doc, store, getCharHight(doc) * options.page.defaultLineHeightFactor);
 	const baseIndent = indentLevel * (listOpts.indentSize ?? options.page.indent);
 	const bullet = ordered ? `${start}. ` : listOpts.bulletChar ?? "• ";
 	const xLeft = options.page.xpading;
@@ -1100,6 +1547,7 @@ const renderRawItem = (doc, element, indentLevel, store, hasRawBullet, parentEle
 		}
 		store.updateX(xLeft, "set");
 		if (hasRawBullet && bullet) {
+			breakIfOverflow(doc, store, getCharHight(doc) * options.page.defaultLineHeightFactor);
 			const bulletWidth = doc.getTextWidth(bullet);
 			const textMaxWidth = options.page.maxContentWidth - indent - bulletWidth;
 			doc.setFont(options.font.regular.name, options.font.regular.style);
@@ -1218,7 +1666,9 @@ const renderCodeBlock = (doc, element, indentLevel, store) => {
 //#region src/renderer/components/blockquote.ts
 const renderBlockquote = (doc, element, indentLevel, store, renderElement) => {
 	const options = store.options;
+	const bqOpts = store.options.blockquote ?? {};
 	const savedDrawColor = doc.getDrawColor();
+	const savedFillColor = doc.getFillColor();
 	const savedLineWidth = doc.getLineWidth();
 	const blockquoteIndent = indentLevel + 1;
 	const currentX = store.X + indentLevel * options.page.indent;
@@ -1231,17 +1681,27 @@ const renderBlockquote = (doc, element, indentLevel, store, renderElement) => {
 	});
 	const endY = store.lastContentY || store.Y;
 	const endPage = doc.internal.getCurrentPageInfo().pageNumber;
-	const bqOpts = store.options.blockquote ?? {};
 	const barColor = bqOpts.barColor ?? "#AAAAAA";
 	const barWidth = bqOpts.barWidth ?? 1;
 	doc.setDrawColor(barColor);
 	doc.setLineWidth(barWidth);
+	const bgColor = bqOpts.backgroundColor;
 	for (let p = startPage; p <= endPage; p++) {
 		doc.setPage(p);
 		const isStart = p === startPage;
 		const isEnd = p === endPage;
 		const lineTop = isStart ? startY : options.page.topmargin;
 		const lineBottom = isEnd ? endY : options.page.maxContentHeight;
+		const lineHeight = Math.max(0, lineBottom - lineTop);
+		if (bgColor && lineHeight > 0) {
+			const bgX = barX + barWidth / 2;
+			const bgW = options.page.maxContentWidth - (bgX - options.page.xpading);
+			if (bgW > 0) {
+				doc.setFillColor(bgColor);
+				doc.rect(bgX, lineTop, bgW, lineHeight, "F");
+				doc.setDrawColor(barColor);
+			}
+		}
 		doc.line(barX, lineTop, barX, lineBottom);
 	}
 	store.recordContentY();
@@ -1249,6 +1709,7 @@ const renderBlockquote = (doc, element, indentLevel, store, renderElement) => {
 	const bqBottomSpacing = bqOpts.bottomSpacing ?? options.spacing?.afterBlockquote ?? options.page.lineSpace;
 	store.updateY(bqBottomSpacing, "add");
 	doc.setDrawColor(savedDrawColor);
+	doc.setFillColor(savedFillColor);
 	doc.setLineWidth(savedLineWidth);
 };
 //#endregion
@@ -1317,7 +1778,9 @@ const renderTable = (doc, element, indentLevel, store) => {
 		return;
 	}
 	const options = store.options;
-	const marginLeft = options.page.xmargin + indentLevel * options.page.indent;
+	const indent = indentLevel * options.page.indent;
+	const marginLeft = options.page.xpading + indent;
+	const availableWidth = Math.max(10, options.page.maxContentWidth - indent);
 	ensureSpace(doc, store, 20);
 	const columnCount = element.header.length;
 	const rows = (element.rows ?? []).map((row) => {
@@ -1350,8 +1813,9 @@ const renderTable = (doc, element, indentLevel, store) => {
 		startY: store.Y,
 		margin: {
 			left: marginLeft,
-			right: options.page.xmargin
+			right: Math.max(0, doc.internal.pageSize.getWidth() - (marginLeft + availableWidth))
 		},
+		tableWidth: availableWidth,
 		...userTableOptions,
 		didDrawPage: safeDidDrawPage,
 		didDrawCell: safeDidDrawCell
@@ -1443,6 +1907,7 @@ var RenderStore = class {
 //#endregion
 //#region src/utils/options-validation.ts
 const DEFAULT_HEADING_SIZES = {
+	bold: true,
 	h1: 24,
 	h2: 20,
 	h3: 17,
@@ -1570,6 +2035,7 @@ const validateOptions = (options) => {
 		afterTable: 3,
 		...options.spacing ?? {}
 	};
+	if (options.spacing?.betweenListItems === void 0) spacing.betweenListItems = list.itemSpacing ?? spacing.betweenListItems;
 	[
 		"afterHeading",
 		"afterParagraph",
@@ -1603,6 +2069,7 @@ const validateOptions = (options) => {
 		codeBlock,
 		spacing,
 		image,
+		security: normalizeSecurityOptions(options.security),
 		endCursorYHandler
 	};
 };
@@ -1658,6 +2125,140 @@ const applyFooter = (doc, options, pageNum, totalPages) => {
 	});
 };
 //#endregion
+//#region src/security/security-guards.ts
+/**
+* Enforces input-size limits before tokenization/rendering starts.
+* Violations are delegated to the configured violation handler.
+*/
+const enforceMarkdownLimits = (text, security) => {
+	if (!security.enabled) return;
+	if ((security.maxMarkdownLength || 0) > 0 && text.length > (security.maxMarkdownLength || 0)) {
+		const action = handleSecurityViolation(security, {
+			code: "MARKDOWN_TOO_LARGE",
+			type: "markdown",
+			message: "Markdown length exceeds configured limit",
+			value: String(text.length)
+		});
+		if (action === "skip" || action === "placeholder") throw new Error(`[jspdf-md-renderer] Markdown input rejected: length ${text.length} exceeds maxMarkdownLength ${security.maxMarkdownLength}.`);
+	}
+};
+/**
+* Walks the parsed markdown tree and enforces structural limits:
+* nesting depth and image count.
+*/
+const enforceNestedDepthAndImageCount = (elements, security) => {
+	if (!security.enabled) return;
+	let imageCount = 0;
+	const maxDepth = security.maxNestedDepth || 0;
+	const maxImageCount = security.maxImageCount || 0;
+	const placeholderText = security.placeholderImageText || "[blocked image]";
+	let imageLimitViolated = false;
+	const sanitizeNodes = (nodes, depth) => {
+		if (maxDepth > 0 && depth > maxDepth) {
+			handleSecurityViolation(security, {
+				code: "MAX_NESTED_DEPTH_EXCEEDED",
+				type: "markdown",
+				message: "Markdown nesting depth exceeds configured limit",
+				value: String(depth)
+			});
+			return [];
+		}
+		const sanitized = [];
+		for (const node of nodes) {
+			if (node.type === "image") {
+				imageCount++;
+				if (maxImageCount > 0 && imageCount > maxImageCount) {
+					if (!imageLimitViolated) {
+						imageLimitViolated = true;
+						handleSecurityViolation(security, {
+							code: "MAX_IMAGE_COUNT_EXCEEDED",
+							type: "image",
+							message: "Image count exceeds configured limit",
+							value: String(imageCount)
+						});
+					}
+					if (security.violationMode === "placeholder") sanitized.push({
+						type: "raw",
+						content: placeholderText
+					});
+					continue;
+				}
+			}
+			if (node.items?.length) node.items = sanitizeNodes(node.items, depth + 1);
+			sanitized.push(node);
+		}
+		return sanitized;
+	};
+	const sanitizedRoot = sanitizeNodes(elements, 1);
+	elements.length = 0;
+	elements.push(...sanitizedRoot);
+};
+/**
+* Creates a lightweight timeout guard function for long render flows.
+* Call the returned function at checkpoints (parse, prefetch, render loop).
+*/
+const createTimeoutGuard = (security) => {
+	const timeoutAt = security.enabled && (security.renderTimeoutMs || 0) > 0 ? Date.now() + (security.renderTimeoutMs || 0) : 0;
+	return () => {
+		if (timeoutAt > 0 && Date.now() > timeoutAt) {
+			const action = handleSecurityViolation(security, {
+				code: "RENDER_TIMEOUT_EXCEEDED",
+				type: "render",
+				message: "Render time exceeded configured timeout",
+				value: String(security.renderTimeoutMs)
+			});
+			if (action === "skip" || action === "placeholder") throw new Error(`[jspdf-md-renderer] Render aborted: exceeded renderTimeoutMs (${security.renderTimeoutMs}ms).`);
+		}
+	};
+};
+//#endregion
+//#region src/security/security-transforms.ts
+/**
+* Applies link security rules to parsed markdown elements.
+* Rejected links are downgraded to plain text by clearing `href`.
+* In placeholder mode, blocked links render `security.placeholderText`.
+*/
+const applyLinkPolicy = async (elements, security) => {
+	if (!security.enabled) return;
+	const walk = async (nodes) => {
+		for (const node of nodes) {
+			if (node.type === "link" && node.href) {
+				if (security.disablePdfLinks) node.href = void 0;
+				else if (!await validateResourceUrl(node.href, "link", security, "markdown-link")) {
+					node.href = void 0;
+					if (security.violationMode === "placeholder") {
+						node.text = security.placeholderText || "[blocked]";
+						node.items = [{
+							type: "text",
+							content: node.text
+						}];
+					}
+				}
+			}
+			if (node.items?.length) await walk(node.items);
+		}
+	};
+	await walk(elements);
+};
+/**
+* Replaces blocked image nodes with plain raw-text placeholders.
+* Used by `violationMode: 'placeholder'` to preserve layout continuity.
+*/
+const convertBlockedImagesToPlaceholder = (elements, security) => {
+	const placeholder = security.placeholderImageText || "[blocked image]";
+	const walk = (nodes) => {
+		for (const node of nodes) {
+			if (node.type === "image" && !node.data) {
+				node.type = "raw";
+				node.content = placeholder;
+				node.src = void 0;
+			}
+			if (node.items?.length) walk(node.items);
+		}
+	};
+	walk(elements);
+};
+//#endregion
 //#region src/renderer/MdTextRender.ts
 /**
 * Renders parsed markdown text into jsPDF document.
@@ -1668,9 +2269,18 @@ const applyFooter = (doc, options, pageNum, totalPages) => {
 */
 const MdTextRender = async (doc, text, options) => {
 	const validOptions = validateOptions(options);
+	const security = validOptions.security || {};
+	const guardTimeout = createTimeoutGuard(security);
+	enforceMarkdownLimits(text, security);
+	guardTimeout();
 	const store = new RenderStore(validOptions);
 	const parsedElements = await MdTextParser(text);
-	await prefetchImages(parsedElements);
+	guardTimeout();
+	enforceNestedDepthAndImageCount(parsedElements, security);
+	await applyLinkPolicy(parsedElements, security);
+	await prefetchImages(parsedElements, security);
+	guardTimeout();
+	if (security.enabled && security.violationMode === "placeholder") convertBlockedImagesToPlaceholder(parsedElements, security);
 	const renderElement = (element, indentLevel = 0, store, hasRawBullet = false, start = 0, ordered = false) => {
 		const indent = indentLevel * validOptions.page.indent;
 		switch (element.type) {
@@ -1727,9 +2337,12 @@ const MdTextRender = async (doc, text, options) => {
 				break;
 		}
 	};
-	for (const item of parsedElements) renderElement(item, 0, store);
+	for (const item of parsedElements) {
+		guardTimeout();
+		renderElement(item, 0, store);
+	}
 	applyPageDecorations(doc, validOptions);
 	validOptions.endCursorYHandler(store.Y);
 };
 //#endregion
-export { MdTextParser, MdTextRender, MdTokenType, renderInlineContent, renderPlainText, validateOptions };
+export { MdTextParser, MdTextRender, MdTokenType, SecurityViolationError, renderInlineContent, renderPlainText, validateOptions };