{"id":16838089,"url":"https://github.com/phw/showdown-htmlescape","last_synced_at":"2025-03-22T04:31:05.942Z","repository":{"id":57358913,"uuid":"41357737","full_name":"phw/showdown-htmlescape","owner":"phw","description":"Plugin for Showdown to prevent the use of arbitrary HTML and allow only the specific Markdown syntax.","archived":false,"fork":false,"pushed_at":"2022-12-21T11:52:20.000Z","size":55,"stargazers_count":9,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-16T00:34:19.676Z","etag":null,"topics":["bower","markdown","nodejs","npm","plugin","showdown"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/phw.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":["phw"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2015-08-25T10:25:55.000Z","updated_at":"2024-05-28T09:59:49.000Z","dependencies_parsed_at":"2022-08-31T00:22:01.472Z","dependency_job_id":null,"html_url":"https://github.com/phw/showdown-htmlescape","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phw%2Fshowdown-htmlescape","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phw%2Fshowdown-htmlescape/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phw%2Fshowdown-htmlescape/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phw%2Fshowdown-htmlescape/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/phw","download_url":"https://codeload.github.com/phw/showdown-htmlescape/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244907420,"owners_count":20529850,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bower","markdown","nodejs","npm","plugin","showdown"],"created_at":"2024-10-13T12:20:48.211Z","updated_at":"2025-03-22T04:31:05.561Z","avatar_url":"https://github.com/phw.png","language":"JavaScript","funding_links":["https://github.com/sponsors/phw"],"categories":[],"sub_categories":[],"readme":"# Showdown HTML Escape plugin\n[![npm version](https://badge.fury.io/js/showdown-htmlescape.svg)](http://badge.fury.io/js/showdown-htmlescape)\n[![Bower version](https://badge.fury.io/bo/showdown-htmlescape.svg)](http://badge.fury.io/bo/showdown-htmlescape)\n[![Dependency Status](https://david-dm.org/phw/showdown-htmlescape.svg)](https://david-dm.org/phw/showdown-htmlescape)\n[![devDependency Status](https://david-dm.org/phw/showdown-htmlescape/dev-status.svg)](https://david-dm.org/phw/showdown-htmlescape#info=devDependencies)\n\n[![Build Status](https://travis-ci.org/phw/showdown-htmlescape.svg?branch=master)](https://travis-ci.org/phw/showdown-htmlescape)\n[![Code Climate](https://codeclimate.com/github/phw/showdown-htmlescape/badges/gpa.svg)](https://codeclimate.com/github/phw/showdown-htmlescape)\n[![Test Coverage](https://codeclimate.com/github/phw/showdown-htmlescape/badges/coverage.svg)](https://codeclimate.com/github/phw/showdown-htmlescape/coverage)\n\nThis plugin for [Showdown](https://github.com/showdownjs/showdown) prevents\nthe use of arbitrary HTML and allows only the specific Markdown syntax.\n\nThis is useful if you want to allow your users to format text using the Markdown\nsyntax but you do not want them to directly enter HTML.\n\n## Installation\n\n### With [bower](http://bower.io/)\n\n    bower install showdown-htmlescape\n\n### With [npm](http://npmjs.org)\n\n    npm install showdown-htmlescape\n\n### Manual\n\nYou can also [download the latest release zip or tarball](https://github.com/phw/showdown-htmlescape/releases) and include the file `dist/showdown-htmlescape.js` directly in your project.\n\n## Enabling the extension\n\n### Browser\n\nYou have to include both Showdown and the Showdown HTML Escape extension in your\nproject:\n\n```HTML\n\u003cscript src=\"showdown.min.js\"\u003e\u003c/script\u003e\n\u003cscript src=\"showdown-htmlescape.min.js\"\u003e\u003c/script\u003e\n```\n\nAfter including the extension in your application, you just need to enable it\nfor your Showdown converter:\n\n```JavaScript\nvar converter = new showdown.Converter({extensions: ['htmlescape']})\n```\n\n### Node.js\n\n```JavaScript\nvar showdown = require('showdown')\nvar showdownHtmlEscape = require('showdown-htmlescape')\nvar converter = new showdown.Converter({ extensions: [showdownHtmlEscape] })\n```\n\n## Usage example\n\n```JavaScript\nvar converter = new showdown.Converter({extensions: ['htmlescape']})\nvar input = 'Allows **Markdown markup**, but does not allow \u003cb\u003eHTML markup\u003c/b\u003e'\nvar html = converter.makeHtml(input)\nconsole.log(html)\n```\n\nThis should output:\n\n```HTML\n\u003cp\u003eAllows \u003cstrong\u003eMarkdown markup\u003c/strong\u003e, but does not allow \u0026lt;b\u0026gt;HTML markup\u0026lt;/b\u0026gt;\u003c/p\u003e\n```\n\n## Notes on security\nThis plugin is **not** meant to protect you from XSS attacks, it justs limits\nthe syntax available to the user to the Markdown specific syntax. If security\nand XSS prevention is important for your use case  you still must filter the\nHTML generated by Showdown.\nSee [Markdown's XSS Vulnerability (and how to mitigate it)](https://github.com/showdownjs/showdown/wiki/Markdown's-XSS-Vulnerability-%28and-how-to-mitigate-it%29)\nfor details.\n\n## License\nShowdown HTML Escape Copyright \u0026copy; 2015-2016 Philipp Wolfer \u003cphil@parolu.de\u003e\n\nPublished under the MIT license, see LICENSE.txt for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphw%2Fshowdown-htmlescape","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphw%2Fshowdown-htmlescape","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphw%2Fshowdown-htmlescape/lists"}