jspdf-md-renderer 4.0.1 → 4.1.0

package/dist/index.umd.js

@@ -102,7 +102,8 @@
 	* - Quoted values: width="200.5" or width='200'
 	* - Decimal values: width=200.5
 	*/
-	const ATTR_PAIR_REGEX = /(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)'|(\S+))/g;
+	const ATTR_PAIR_REGEX = /(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([\w.+-]+))/g;
+	const MAX_ATTR_BLOCK_LENGTH = 500;
 	/** Valid alignment values */
 	const VALID_ALIGNMENTS = [
 		"left",
@@ -126,6 +127,11 @@
 	*/
 	const parseRawAttributes = (attrString) => {
 		const attrs = {};
+		if (attrString.length > MAX_ATTR_BLOCK_LENGTH) {
+			console.warn(`[jspdf-md-renderer] Image attribute block too long (${attrString.length} chars), skipping attribute parsing.`);
+			return attrs;
+		}
+		ATTR_PAIR_REGEX.lastIndex = 0;
 		let match;
 		while ((match = ATTR_PAIR_REGEX.exec(attrString)) !== null) {
 			const key = match[1].toLowerCase();
@@ -435,11 +441,367 @@
 		}
 	};
 	//#endregion
+	//#region src/types/security.ts
+	var SecurityViolationError = class extends Error {
+		constructor(violation) {
+			super(violation.message);
+			this.name = "SecurityViolationError";
+			this.violation = violation;
+		}
+	};
+	//#endregion
+	//#region src/security/security-policy.ts
+	const DEFAULT_SECURITY = {
+		enabled: false,
+		allowedLinkProtocols: [
+			"https:",
+			"http:",
+			"mailto:",
+			"tel:"
+		],
+		disablePdfLinks: false,
+		allowRemoteImages: true,
+		allowedImageProtocols: ["https:", "http:"],
+		allowedImageDomains: void 0,
+		allowDataUrls: true,
+		allowSvgImages: true,
+		blockLocalhost: true,
+		blockPrivateIPs: true,
+		blockLinkLocalIPs: true,
+		blockMetadataIPs: true,
+		maxMarkdownLength: 5e5,
+		maxImageCount: 200,
+		maxImageSizeBytes: 10 * 1024 * 1024,
+		maxNestedDepth: 20,
+		renderTimeoutMs: 3e4,
+		violationMode: "skip",
+		placeholderText: "[blocked]",
+		placeholderImageText: "[blocked image]"
+	};
+	const normalizeProtocol = (v) => `${v.trim().toLowerCase().replace(/:$/, "")}:`;
+	const normalizeDomain = (v) => v.trim().toLowerCase();
+	const clampInteger = (value, min, max) => Math.min(max, Math.max(min, Math.floor(value)));
+	const isNodeEnvironment = () => typeof process !== "undefined" && process.versions != null && process.versions.node != null;
+	/**
+	* Merges user-provided security config with safe defaults and
+	* validates/clamps numeric and enum fields.
+	*/
+	const normalizeSecurityOptions = (security) => {
+		if (!security) return { ...DEFAULT_SECURITY };
+		const merged = {
+			...DEFAULT_SECURITY,
+			...security,
+			allowedLinkProtocols: security.allowedLinkProtocols?.map(normalizeProtocol) ?? DEFAULT_SECURITY.allowedLinkProtocols,
+			allowedImageProtocols: security.allowedImageProtocols?.map(normalizeProtocol) ?? DEFAULT_SECURITY.allowedImageProtocols,
+			allowedImageDomains: security.allowedImageDomains !== void 0 ? security.allowedImageDomains.map(normalizeDomain) : DEFAULT_SECURITY.allowedImageDomains
+		};
+		if (![
+			"skip",
+			"throw",
+			"placeholder"
+		].includes(merged.violationMode || "skip")) throw new Error("[jspdf-md-renderer] security.violationMode must be skip | throw | placeholder");
+		for (const field of [
+			"maxMarkdownLength",
+			"maxImageCount",
+			"maxImageSizeBytes",
+			"maxNestedDepth",
+			"renderTimeoutMs"
+		]) {
+			const value = merged[field];
+			if (value !== void 0 && (!Number.isFinite(value) || value < 0)) throw new Error(`[jspdf-md-renderer] security.${field} must be a non-negative number`);
+		}
+		merged.maxMarkdownLength = clampInteger(merged.maxMarkdownLength || 0, 0, 5e6);
+		merged.maxImageCount = clampInteger(merged.maxImageCount || 0, 0, 1e4);
+		merged.maxImageSizeBytes = clampInteger(merged.maxImageSizeBytes || 0, 0, 100 * 1024 * 1024);
+		merged.maxNestedDepth = clampInteger(merged.maxNestedDepth || 0, 0, 100);
+		merged.renderTimeoutMs = clampInteger(merged.renderTimeoutMs || 0, 0, 3e5);
+		return merged;
+	};
+	const metadataHosts = new Set([
+		"metadata.google.internal",
+		"metadata",
+		"instance-data"
+	]);
+	const isIPv4InCidr = (ip, cidrBase, cidrMask) => {
+		const toNum = (s) => s.split(".").reduce((acc, part) => (acc << 8) + Number(part), 0) >>> 0;
+		const ipNum = toNum(ip);
+		const baseNum = toNum(cidrBase);
+		const mask = cidrMask === 0 ? 0 : 4294967295 << 32 - cidrMask >>> 0;
+		return (ipNum & mask) === (baseNum & mask);
+	};
+	const isLocalhostHost = (host) => host === "localhost" || host === "127.0.0.1" || host === "::1" || host === "[::1]";
+	const isPrivateIPv4 = (ip) => isIPv4InCidr(ip, "10.0.0.0", 8) || isIPv4InCidr(ip, "172.16.0.0", 12) || isIPv4InCidr(ip, "192.168.0.0", 16);
+	const isLinkLocalIPv4 = (ip) => isIPv4InCidr(ip, "169.254.0.0", 16);
+	const isMetadataIP = (ip) => ip === "169.254.169.254" || ip === "100.100.100.200";
+	/**
+	* Parses an IPv6 address string into a BigInt for range comparison.
+	* Supports compressed and IPv4-mapped forms.
+	*/
+	const parseIPv6ToBigInt = (ip) => {
+		let stripped = ip.replace(/^\[|\]$/g, "").toLowerCase();
+		if (stripped.includes(".")) {
+			const lastColon = stripped.lastIndexOf(":");
+			if (lastColon < 0) return null;
+			const ipv4Part = stripped.slice(lastColon + 1);
+			const prefix = stripped.slice(0, lastColon);
+			const parts = ipv4Part.split(".").map(Number);
+			if (parts.length !== 4 || parts.some((p) => Number.isNaN(p) || p < 0 || p > 255)) return null;
+			stripped = `${prefix}:${(parts[0] << 8 | parts[1]).toString(16)}:${(parts[2] << 8 | parts[3]).toString(16)}`;
+		}
+		let expanded = stripped;
+		if (expanded.includes("::")) {
+			const parts = expanded.split("::");
+			if (parts.length !== 2) return null;
+			const leftGroups = parts[0] ? parts[0].split(":") : [];
+			const rightGroups = parts[1] ? parts[1].split(":") : [];
+			const missing = 8 - leftGroups.length - rightGroups.length;
+			if (missing < 0) return null;
+			expanded = [
+				...leftGroups,
+				...Array(missing).fill("0"),
+				...rightGroups
+			].join(":");
+		}
+		const groups = expanded.split(":");
+		if (groups.length !== 8) return null;
+		try {
+			return groups.reduce((acc, g) => {
+				const n = parseInt(g || "0", 16);
+				if (Number.isNaN(n)) throw new Error("invalid hex");
+				return (acc << 16n) + BigInt(n);
+			}, 0n);
+		} catch {
+			return null;
+		}
+	};
+	const MAX_IPV6 = (1n << 128n) - 1n;
+	const isIPv6InRange = (ip, prefixBigInt, prefixLength) => {
+		const ipNum = parseIPv6ToBigInt(ip);
+		if (ipNum === null) return false;
+		const mask = prefixLength === 0 ? 0n : MAX_IPV6 << BigInt(128 - prefixLength) & MAX_IPV6;
+		return (ipNum & mask) === (prefixBigInt & mask);
+	};
+	const isLoopbackIPv6 = (ip) => {
+		return parseIPv6ToBigInt(ip) === 1n;
+	};
+	const isUniqueLocalIPv6 = (ip) => isIPv6InRange(ip, 64512n << 112n, 7);
+	const isLinkLocalIPv6 = (ip) => isIPv6InRange(ip, 65152n << 112n, 10);
+	const extractIPv4Mapped = (ip) => {
+		const stripped = ip.replace(/^\[|\]$/g, "");
+		const dottedMatch = stripped.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i);
+		if (dottedMatch) return dottedMatch[1];
+		const ipNum = parseIPv6ToBigInt(stripped);
+		if (ipNum === null) return null;
+		if (ipNum >> 32n !== 65535n) return null;
+		const low32 = Number(ipNum & 4294967295n);
+		return `${low32 >>> 24 & 255}.${low32 >>> 16 & 255}.${low32 >>> 8 & 255}.${low32 & 255}`;
+	};
+	const isIPv4MappedPrivate = (ip) => {
+		const mapped = extractIPv4Mapped(ip);
+		return mapped ? isPrivateIPv4(mapped) : false;
+	};
+	const isIPv4MappedLinkLocal = (ip) => {
+		const mapped = extractIPv4Mapped(ip);
+		return mapped ? isLinkLocalIPv4(mapped) : false;
+	};
+	const isIPv4MappedMetadata = (ip) => {
+		const mapped = extractIPv4Mapped(ip);
+		return mapped ? isMetadataIP(mapped) : false;
+	};
+	/**
+	* Resolves a hostname to IP addresses.
+	* Returns null when resolution is unavailable (browser runtime).
+	*/
+	const resolveHostToIPs = async (host) => {
+		const stripped = host.replace(/^\[|\]$/g, "");
+		if (/^\d{1,3}(\.\d{1,3}){3}$/.test(stripped)) return [stripped];
+		if (stripped.includes(":")) return [stripped];
+		if (!isNodeEnvironment()) return null;
+		try {
+			return (await (await import("node:dns")).promises.lookup(stripped, { all: true })).map((entry) => entry.address);
+		} catch {
+			return [];
+		}
+	};
+	/**
+	* Returns the action the caller should take for the violating element.
+	* Throws SecurityViolationError when violationMode is 'throw'.
+	*/
+	const handleSecurityViolation = (security, violation) => {
+		const fullViolation = {
+			...violation,
+			timestamp: (/* @__PURE__ */ new Date()).toISOString()
+		};
+		try {
+			security.onSecurityViolation?.(fullViolation);
+		} catch (error) {
+			console.warn("[jspdf-md-renderer] security.onSecurityViolation callback failed:", error);
+		}
+		const mode = security.violationMode || "skip";
+		if (mode === "throw") throw new SecurityViolationError(fullViolation);
+		if (mode === "placeholder") return "placeholder";
+		return "skip";
+	};
+	const createViolation = (code, type, message, value, context) => ({
+		code,
+		type,
+		message,
+		value,
+		context
+	});
+	/**
+	* Returns true when:
+	* - allowedDomains is undefined (feature not configured, allow all), OR
+	* - host matches an entry in the allowlist.
+	*
+	* An explicitly empty allowedDomains array means no domains are permitted.
+	*/
+	const isAllowedDomain = (host, allowedDomains) => {
+		if (allowedDomains === void 0) return true;
+		if (allowedDomains.length === 0) return false;
+		return allowedDomains.some((domain) => host === domain || host.endsWith(`.${domain}`));
+	};
+	const classifyUrl = (raw) => {
+		if (/^[a-zA-Z][a-zA-Z\d+\-.]*:/.test(raw)) return "explicitScheme";
+		if (raw.startsWith("//")) return "protocolRelative";
+		return "relativePath";
+	};
+	/**
+	* Validates link/image URLs against protocol/domain/SSRF rules.
+	*
+	* URL classification:
+	* - Protocol-relative (`//host/path`): treated as external absolute and validated.
+	* - Explicit scheme (`https://...`): fully validated.
+	* - Relative path (`/x`, `./x`, `../x`, `?x`, `#x`): allowed by default.
+	*/
+	const validateResourceUrl = async (rawValue, type, security, context) => {
+		const urlClass = classifyUrl(rawValue);
+		if (urlClass === "relativePath") {
+			if (security.validateUrl) {
+				let relativeUrl;
+				try {
+					relativeUrl = new URL(rawValue, "https://relative.local");
+				} catch {
+					handleSecurityViolation(security, createViolation("INVALID_URL", type, "Invalid relative URL", rawValue, context));
+					return false;
+				}
+				if (!await security.validateUrl(relativeUrl, type)) {
+					handleSecurityViolation(security, createViolation("CUSTOM_VALIDATOR_BLOCKED", type, "Custom URL validator rejected relative URL", rawValue, context));
+					return false;
+				}
+			}
+			return true;
+		}
+		let canonicalRaw = rawValue;
+		if (urlClass === "protocolRelative") canonicalRaw = `https:${rawValue}`;
+		let parsed;
+		try {
+			parsed = new URL(canonicalRaw);
+		} catch {
+			handleSecurityViolation(security, createViolation("INVALID_URL", type, "Invalid URL", rawValue, context));
+			return false;
+		}
+		if (urlClass !== "protocolRelative") {
+			const protocol = normalizeProtocol(parsed.protocol);
+			if (!(type === "link" ? security.allowedLinkProtocols || DEFAULT_SECURITY.allowedLinkProtocols : security.allowedImageProtocols || DEFAULT_SECURITY.allowedImageProtocols).includes(protocol)) {
+				handleSecurityViolation(security, createViolation(type === "link" ? "LINK_PROTOCOL_BLOCKED" : "IMAGE_PROTOCOL_BLOCKED", type, `${type} protocol is blocked`, rawValue, context));
+				return false;
+			}
+		}
+		if (type === "image" && !isAllowedDomain(parsed.hostname.toLowerCase(), security.allowedImageDomains)) {
+			handleSecurityViolation(security, createViolation("IMAGE_DOMAIN_BLOCKED", type, "Image domain is blocked", rawValue, context));
+			return false;
+		}
+		const host = parsed.hostname.toLowerCase();
+		if (security.blockLocalhost && isLocalhostHost(host)) {
+			handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "Localhost URL is blocked", rawValue, context));
+			return false;
+		}
+		if (security.blockMetadataIPs && metadataHosts.has(host)) {
+			handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "Metadata host is blocked", rawValue, context));
+			return false;
+		}
+		const ips = await resolveHostToIPs(host);
+		if (ips === null) {
+			if (type === "image") console.warn("[jspdf-md-renderer] Security warning: IP-based SSRF checks (blockPrivateIPs, blockLinkLocalIPs, blockMetadataIPs) cannot be fully enforced in browser environments. Route image fetching through a trusted server-side proxy.");
+		} else for (const ip of ips) {
+			if (security.blockLocalhost && isLocalhostHost(ip)) {
+				handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "Localhost IP is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockPrivateIPs && isPrivateIPv4(ip)) {
+				handleSecurityViolation(security, createViolation("PRIVATE_IP_BLOCKED", type, "Private IP is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockLinkLocalIPs && isLinkLocalIPv4(ip)) {
+				handleSecurityViolation(security, createViolation("LINK_LOCAL_IP_BLOCKED", type, "Link-local IP is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockMetadataIPs && isMetadataIP(ip)) {
+				handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "Metadata IP is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockLocalhost && isLoopbackIPv6(ip)) {
+				handleSecurityViolation(security, createViolation("LOCALHOST_BLOCKED", type, "IPv6 loopback is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockPrivateIPs && (isUniqueLocalIPv6(ip) || isIPv4MappedPrivate(ip))) {
+				handleSecurityViolation(security, createViolation("PRIVATE_IP_BLOCKED", type, "IPv6 private address is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockLinkLocalIPs && (isLinkLocalIPv6(ip) || isIPv4MappedLinkLocal(ip))) {
+				handleSecurityViolation(security, createViolation("LINK_LOCAL_IP_BLOCKED", type, "IPv6 link-local address is blocked", rawValue, context));
+				return false;
+			}
+			if (security.blockMetadataIPs && isIPv4MappedMetadata(ip)) {
+				handleSecurityViolation(security, createViolation("METADATA_IP_BLOCKED", type, "IPv4-mapped metadata IP is blocked", rawValue, context));
+				return false;
+			}
+		}
+		if (security.validateUrl) {
+			if (!await security.validateUrl(parsed, type)) {
+				handleSecurityViolation(security, createViolation("CUSTOM_VALIDATOR_BLOCKED", type, "Custom URL validator rejected URL", rawValue, context));
+				return false;
+			}
+		}
+		return true;
+	};
+	/**
+	* Returns true when the value is a `data:` URL.
+	*/
+	const isDataUrl = (value) => value.trim().toLowerCase().startsWith("data:");
+	/**
+	* Returns true when the value is an SVG data URL.
+	*/
+	const isSvgDataUrl = (value) => {
+		const normalized = value.trim().toLowerCase();
+		return normalized.startsWith("data:image/svg+xml") || normalized.startsWith("data:image/svg");
+	};
+	//#endregion
 	//#region src/utils/image-utils.ts
 	/**
 	* Standard DPI for web/screen pixels.
 	*/
 	const DEFAULT_DPI = 96;
+	const getDataUrlPayloadByteSize = (dataUrl) => {
+		const commaIndex = dataUrl.indexOf(",");
+		if (commaIndex < 0) return null;
+		const metadata = dataUrl.slice(0, commaIndex).toLowerCase();
+		const payload = dataUrl.slice(commaIndex + 1);
+		if (metadata.includes(";base64")) {
+			const normalized = payload.replace(/\s/g, "");
+			const padding = normalized.match(/=*$/)?.[0].length ?? 0;
+			return Math.floor(normalized.length * 3 / 4) - padding;
+		}
+		try {
+			const decoded = decodeURIComponent(payload);
+			if (typeof TextEncoder !== "undefined") return new TextEncoder().encode(decoded).length;
+			if (typeof Buffer !== "undefined") return Buffer.from(decoded, "utf-8").byteLength;
+			return decoded.length;
+		} catch {
+			return null;
+		}
+	};
 	/**
 	* Converts pixel values to the document's unit system.
 	* Uses 96 DPI as the standard web pixel density.
@@ -575,14 +937,84 @@
 	* Recursively traverses parsed elements and loads image data for Image tokens.
 	* @param elements - The parsed elements to process.
 	*/
-	const prefetchImages = async (elements) => {
+	const prefetchImages = async (elements, security) => {
 		for (const element of elements) {
 			if (element.type === "image" && element.src) try {
-				if (element.src.startsWith("data:")) element.data = element.src;
-				else {
-					const response = await fetch(element.src);
+				if (security?.enabled) if (isDataUrl(element.src)) {
+					if (isSvgDataUrl(element.src) && !security.allowSvgImages) {
+						handleSecurityViolation(security, {
+							code: "SVG_BLOCKED",
+							type: "image",
+							message: "SVG images are blocked",
+							value: element.src,
+							context: "image-src"
+						});
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
+					if (!security.allowDataUrls) {
+						handleSecurityViolation(security, {
+							code: "DATA_URL_BLOCKED",
+							type: "image",
+							message: "Data URLs are blocked for images",
+							value: element.src,
+							context: "image-src"
+						});
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
+				} else {
+					if (!security.allowRemoteImages) {
+						handleSecurityViolation(security, {
+							code: "IMAGE_PROTOCOL_BLOCKED",
+							type: "image",
+							message: "Remote images are disabled",
+							value: element.src,
+							context: "image-src"
+						});
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
+					if (!await validateResourceUrl(element.src, "image", security, "image-src")) {
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
+				}
+				if (element.src.startsWith("data:")) {
+					element.data = element.src;
+					const dataUrlBytes = getDataUrlPayloadByteSize(element.data);
+					if (security?.enabled && security.maxImageSizeBytes && dataUrlBytes !== null && dataUrlBytes > security.maxImageSizeBytes) {
+						handleSecurityViolation(security, {
+							code: "IMAGE_SIZE_EXCEEDED",
+							type: "image",
+							message: "Data URL image exceeds maxImageSizeBytes",
+							value: String(dataUrlBytes),
+							context: "data-url-size"
+						});
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
+				} else {
+					const response = await secureImageFetch(element.src, security);
 					if (!response.ok) throw new Error(`Failed to fetch image: ${response.statusText}`);
 					const blob = await response.blob();
+					if (security?.enabled && security.maxImageSizeBytes && blob.size > security.maxImageSizeBytes) {
+						handleSecurityViolation(security, {
+							code: "IMAGE_SIZE_EXCEEDED",
+							type: "image",
+							message: "Fetched image exceeds maxImageSizeBytes",
+							value: String(blob.size),
+							context: "blob-size"
+						});
+						element.data = void 0;
+						element.src = void 0;
+						continue;
+					}
 					element.data = await new Promise((resolve, reject) => {
 						const reader = new FileReader();
 						reader.onloadend = () => {
@@ -618,10 +1050,22 @@
 					});
 				}
 			} catch (error) {
+				if (error instanceof SecurityViolationError) throw error;
 				console.warn(`[jspdf-md-renderer] Warning: Failed to load image at ${element.src}. It will be skipped.`, error);
 			}
-			if (element.items && element.items.length > 0) await prefetchImages(element.items);
+			if (element.items && element.items.length > 0) await prefetchImages(element.items, security);
+		}
+	};
+	/**
+	* Best-effort remote image fetch hardening.
+	* In Node, re-validates URL immediately before fetch to reduce DNS rebind window.
+	* In browser runtimes, or when security is undefined/disabled, delegates to normal fetch.
+	*/
+	const secureImageFetch = async (url, security) => {
+		if (security?.enabled && isNodeEnvironment()) {
+			if (!await validateResourceUrl(url, "image", security, "pre-fetch-recheck")) throw new Error(`[jspdf-md-renderer] URL blocked on pre-fetch recheck: ${url}`);
 		}
+		return fetch(url);
 	};
 	//#endregion
 	//#region src/layout/wordSplitter.ts
@@ -964,10 +1408,12 @@
 	const renderHeading = (doc, element, indent, store) => {
 		withSavedDocState(doc, () => {
 			const headingKey = `h${element?.depth ?? 1}`;
-			const fontSize = store.options.heading?.[headingKey] ?? store.options.page.defaultFontSize;
+			const fontSize = store.options.heading?.[headingKey] ?? store.options.page.defaultTitleFontSize;
 			const headingColor = store.options.heading?.[`${headingKey}Color`] ?? store.options.heading?.color ?? "#000000";
+			const useBold = store.options.heading?.bold ?? true;
 			doc.setFontSize(fontSize);
-			doc.setFont(store.options.font.bold.name, store.options.font.bold.style || "bold");
+			if (useBold) doc.setFont(store.options.font.bold.name, store.options.font.bold.style || "bold");
+			else doc.setFont(store.options.font.regular.name, store.options.font.regular.style || "normal");
 			doc.setTextColor(headingColor);
 			breakIfOverflow(doc, store, getCharHight(doc) * 1.8);
 			const maxWidth = store.options.page.maxContentWidth - indent;
@@ -1037,10 +1483,11 @@
 	//#region src/renderer/components/list.ts
 	const renderList = (doc, element, indentLevel, store, parentElementRenderer) => {
 		doc.setFontSize(store.options.page.defaultFontSize);
+		const listItemGap = store.options.spacing?.betweenListItems ?? 0;
 		for (const [i, point] of element?.items?.entries() ?? []) {
 			const _start = element.ordered ? (element.start ?? 1) + i : void 0;
 			parentElementRenderer(point, indentLevel + 1, store, true, _start, element.ordered);
-			if (i < (element.items?.length ?? 0) - 1) store.updateY(store.options.spacing?.betweenListItems ?? 0, "add");
+			if (i < (element.items?.length ?? 0) - 1) store.updateY(listItemGap, "add");
 		}
 		store.updateY(store.options.spacing?.afterList ?? 3, "add");
 	};
@@ -1050,9 +1497,9 @@
 	* Render a single list item, including bullets/numbering, inline text, and any nested lists.
 	*/
 	const renderListItem = (doc, element, indentLevel, store, parentElementRenderer, start, ordered) => {
-		breakIfOverflow(doc, store, getCharHight(doc));
 		const options = store.options;
 		const listOpts = store.options.list ?? {};
+		breakIfOverflow(doc, store, getCharHight(doc) * options.page.defaultLineHeightFactor);
 		const baseIndent = indentLevel * (listOpts.indentSize ?? options.page.indent);
 		const bullet = ordered ? `${start}. ` : listOpts.bulletChar ?? "• ";
 		const xLeft = options.page.xpading;
@@ -1129,6 +1576,7 @@
 			}
 			store.updateX(xLeft, "set");
 			if (hasRawBullet && bullet) {
+				breakIfOverflow(doc, store, getCharHight(doc) * options.page.defaultLineHeightFactor);
 				const bulletWidth = doc.getTextWidth(bullet);
 				const textMaxWidth = options.page.maxContentWidth - indent - bulletWidth;
 				doc.setFont(options.font.regular.name, options.font.regular.style);
@@ -1247,7 +1695,9 @@
 	//#region src/renderer/components/blockquote.ts
 	const renderBlockquote = (doc, element, indentLevel, store, renderElement) => {
 		const options = store.options;
+		const bqOpts = store.options.blockquote ?? {};
 		const savedDrawColor = doc.getDrawColor();
+		const savedFillColor = doc.getFillColor();
 		const savedLineWidth = doc.getLineWidth();
 		const blockquoteIndent = indentLevel + 1;
 		const currentX = store.X + indentLevel * options.page.indent;
@@ -1260,17 +1710,27 @@
 		});
 		const endY = store.lastContentY || store.Y;
 		const endPage = doc.internal.getCurrentPageInfo().pageNumber;
-		const bqOpts = store.options.blockquote ?? {};
 		const barColor = bqOpts.barColor ?? "#AAAAAA";
 		const barWidth = bqOpts.barWidth ?? 1;
 		doc.setDrawColor(barColor);
 		doc.setLineWidth(barWidth);
+		const bgColor = bqOpts.backgroundColor;
 		for (let p = startPage; p <= endPage; p++) {
 			doc.setPage(p);
 			const isStart = p === startPage;
 			const isEnd = p === endPage;
 			const lineTop = isStart ? startY : options.page.topmargin;
 			const lineBottom = isEnd ? endY : options.page.maxContentHeight;
+			const lineHeight = Math.max(0, lineBottom - lineTop);
+			if (bgColor && lineHeight > 0) {
+				const bgX = barX + barWidth / 2;
+				const bgW = options.page.maxContentWidth - (bgX - options.page.xpading);
+				if (bgW > 0) {
+					doc.setFillColor(bgColor);
+					doc.rect(bgX, lineTop, bgW, lineHeight, "F");
+					doc.setDrawColor(barColor);
+				}
+			}
 			doc.line(barX, lineTop, barX, lineBottom);
 		}
 		store.recordContentY();
@@ -1278,6 +1738,7 @@
 		const bqBottomSpacing = bqOpts.bottomSpacing ?? options.spacing?.afterBlockquote ?? options.page.lineSpace;
 		store.updateY(bqBottomSpacing, "add");
 		doc.setDrawColor(savedDrawColor);
+		doc.setFillColor(savedFillColor);
 		doc.setLineWidth(savedLineWidth);
 	};
 	//#endregion
@@ -1346,7 +1807,9 @@
 			return;
 		}
 		const options = store.options;
-		const marginLeft = options.page.xmargin + indentLevel * options.page.indent;
+		const indent = indentLevel * options.page.indent;
+		const marginLeft = options.page.xpading + indent;
+		const availableWidth = Math.max(10, options.page.maxContentWidth - indent);
 		ensureSpace(doc, store, 20);
 		const columnCount = element.header.length;
 		const rows = (element.rows ?? []).map((row) => {
@@ -1379,8 +1842,9 @@
 			startY: store.Y,
 			margin: {
 				left: marginLeft,
-				right: options.page.xmargin
+				right: Math.max(0, doc.internal.pageSize.getWidth() - (marginLeft + availableWidth))
 			},
+			tableWidth: availableWidth,
 			...userTableOptions,
 			didDrawPage: safeDidDrawPage,
 			didDrawCell: safeDidDrawCell
@@ -1472,6 +1936,7 @@
 	//#endregion
 	//#region src/utils/options-validation.ts
 	const DEFAULT_HEADING_SIZES = {
+		bold: true,
 		h1: 24,
 		h2: 20,
 		h3: 17,
@@ -1599,6 +2064,7 @@
 			afterTable: 3,
 			...options.spacing ?? {}
 		};
+		if (options.spacing?.betweenListItems === void 0) spacing.betweenListItems = list.itemSpacing ?? spacing.betweenListItems;
 		[
 			"afterHeading",
 			"afterParagraph",
@@ -1632,6 +2098,7 @@
 			codeBlock,
 			spacing,
 			image,
+			security: normalizeSecurityOptions(options.security),
 			endCursorYHandler
 		};
 	};
@@ -1687,6 +2154,140 @@
 		});
 	};
 	//#endregion
+	//#region src/security/security-guards.ts
+	/**
+	* Enforces input-size limits before tokenization/rendering starts.
+	* Violations are delegated to the configured violation handler.
+	*/
+	const enforceMarkdownLimits = (text, security) => {
+		if (!security.enabled) return;
+		if ((security.maxMarkdownLength || 0) > 0 && text.length > (security.maxMarkdownLength || 0)) {
+			const action = handleSecurityViolation(security, {
+				code: "MARKDOWN_TOO_LARGE",
+				type: "markdown",
+				message: "Markdown length exceeds configured limit",
+				value: String(text.length)
+			});
+			if (action === "skip" || action === "placeholder") throw new Error(`[jspdf-md-renderer] Markdown input rejected: length ${text.length} exceeds maxMarkdownLength ${security.maxMarkdownLength}.`);
+		}
+	};
+	/**
+	* Walks the parsed markdown tree and enforces structural limits:
+	* nesting depth and image count.
+	*/
+	const enforceNestedDepthAndImageCount = (elements, security) => {
+		if (!security.enabled) return;
+		let imageCount = 0;
+		const maxDepth = security.maxNestedDepth || 0;
+		const maxImageCount = security.maxImageCount || 0;
+		const placeholderText = security.placeholderImageText || "[blocked image]";
+		let imageLimitViolated = false;
+		const sanitizeNodes = (nodes, depth) => {
+			if (maxDepth > 0 && depth > maxDepth) {
+				handleSecurityViolation(security, {
+					code: "MAX_NESTED_DEPTH_EXCEEDED",
+					type: "markdown",
+					message: "Markdown nesting depth exceeds configured limit",
+					value: String(depth)
+				});
+				return [];
+			}
+			const sanitized = [];
+			for (const node of nodes) {
+				if (node.type === "image") {
+					imageCount++;
+					if (maxImageCount > 0 && imageCount > maxImageCount) {
+						if (!imageLimitViolated) {
+							imageLimitViolated = true;
+							handleSecurityViolation(security, {
+								code: "MAX_IMAGE_COUNT_EXCEEDED",
+								type: "image",
+								message: "Image count exceeds configured limit",
+								value: String(imageCount)
+							});
+						}
+						if (security.violationMode === "placeholder") sanitized.push({
+							type: "raw",
+							content: placeholderText
+						});
+						continue;
+					}
+				}
+				if (node.items?.length) node.items = sanitizeNodes(node.items, depth + 1);
+				sanitized.push(node);
+			}
+			return sanitized;
+		};
+		const sanitizedRoot = sanitizeNodes(elements, 1);
+		elements.length = 0;
+		elements.push(...sanitizedRoot);
+	};
+	/**
+	* Creates a lightweight timeout guard function for long render flows.
+	* Call the returned function at checkpoints (parse, prefetch, render loop).
+	*/
+	const createTimeoutGuard = (security) => {
+		const timeoutAt = security.enabled && (security.renderTimeoutMs || 0) > 0 ? Date.now() + (security.renderTimeoutMs || 0) : 0;
+		return () => {
+			if (timeoutAt > 0 && Date.now() > timeoutAt) {
+				const action = handleSecurityViolation(security, {
+					code: "RENDER_TIMEOUT_EXCEEDED",
+					type: "render",
+					message: "Render time exceeded configured timeout",
+					value: String(security.renderTimeoutMs)
+				});
+				if (action === "skip" || action === "placeholder") throw new Error(`[jspdf-md-renderer] Render aborted: exceeded renderTimeoutMs (${security.renderTimeoutMs}ms).`);
+			}
+		};
+	};
+	//#endregion
+	//#region src/security/security-transforms.ts
+	/**
+	* Applies link security rules to parsed markdown elements.
+	* Rejected links are downgraded to plain text by clearing `href`.
+	* In placeholder mode, blocked links render `security.placeholderText`.
+	*/
+	const applyLinkPolicy = async (elements, security) => {
+		if (!security.enabled) return;
+		const walk = async (nodes) => {
+			for (const node of nodes) {
+				if (node.type === "link" && node.href) {
+					if (security.disablePdfLinks) node.href = void 0;
+					else if (!await validateResourceUrl(node.href, "link", security, "markdown-link")) {
+						node.href = void 0;
+						if (security.violationMode === "placeholder") {
+							node.text = security.placeholderText || "[blocked]";
+							node.items = [{
+								type: "text",
+								content: node.text
+							}];
+						}
+					}
+				}
+				if (node.items?.length) await walk(node.items);
+			}
+		};
+		await walk(elements);
+	};
+	/**
+	* Replaces blocked image nodes with plain raw-text placeholders.
+	* Used by `violationMode: 'placeholder'` to preserve layout continuity.
+	*/
+	const convertBlockedImagesToPlaceholder = (elements, security) => {
+		const placeholder = security.placeholderImageText || "[blocked image]";
+		const walk = (nodes) => {
+			for (const node of nodes) {
+				if (node.type === "image" && !node.data) {
+					node.type = "raw";
+					node.content = placeholder;
+					node.src = void 0;
+				}
+				if (node.items?.length) walk(node.items);
+			}
+		};
+		walk(elements);
+	};
+	//#endregion
 	//#region src/renderer/MdTextRender.ts
 	/**
 	* Renders parsed markdown text into jsPDF document.
@@ -1697,9 +2298,18 @@
 	*/
 	const MdTextRender = async (doc, text, options) => {
 		const validOptions = validateOptions(options);
+		const security = validOptions.security || {};
+		const guardTimeout = createTimeoutGuard(security);
+		enforceMarkdownLimits(text, security);
+		guardTimeout();
 		const store = new RenderStore(validOptions);
 		const parsedElements = await MdTextParser(text);
-		await prefetchImages(parsedElements);
+		guardTimeout();
+		enforceNestedDepthAndImageCount(parsedElements, security);
+		await applyLinkPolicy(parsedElements, security);
+		await prefetchImages(parsedElements, security);
+		guardTimeout();
+		if (security.enabled && security.violationMode === "placeholder") convertBlockedImagesToPlaceholder(parsedElements, security);
 		const renderElement = (element, indentLevel = 0, store, hasRawBullet = false, start = 0, ordered = false) => {
 			const indent = indentLevel * validOptions.page.indent;
 			switch (element.type) {
@@ -1756,7 +2366,10 @@
 					break;
 			}
 		};
-		for (const item of parsedElements) renderElement(item, 0, store);
+		for (const item of parsedElements) {
+			guardTimeout();
+			renderElement(item, 0, store);
+		}
 		applyPageDecorations(doc, validOptions);
 		validOptions.endCursorYHandler(store.Y);
 	};
@@ -1764,6 +2377,7 @@
 	exports.MdTextParser = MdTextParser;
 	exports.MdTextRender = MdTextRender;
 	exports.MdTokenType = MdTokenType;
+	exports.SecurityViolationError = SecurityViolationError;
 	exports.renderInlineContent = renderInlineContent;
 	exports.renderPlainText = renderPlainText;
 	exports.validateOptions = validateOptions;