This repository has been archived by the owner on Nov 9, 2017. It is now read-only.
Should escape message by default (via HTML::chars) #9
Labels
Comments
|
What about making a config option of whitelisted tags? I've regularly used messages that have bold, italic, underline or links in them. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Secure by default. Prevents XSS. Make a way to send raw if needed.
The text was updated successfully, but these errors were encountered: