This is an automated email from the ASF dual-hosted git repository.

dpgaspar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git


The following commit(s) were added to refs/heads/master by this push:
     new 3e73c81  filter out markdown containing XSS (#9163)
3e73c81 is described below

commit 3e73c81b25842a16e647ec5524049b0260f090e5
Author: ʈᵃᵢ <[email protected]>
AuthorDate: Wed Feb 19 01:44:45 2020 -0800

    filter out markdown containing XSS (#9163)
---
 superset-frontend/package-lock.json                | 200 +++++++++++++++------
 superset-frontend/package.json                     |   2 +-
 .../components/gridComponents/Markdown.jsx         |   8 +
 3 files changed, 151 insertions(+), 59 deletions(-)

diff --git a/superset-frontend/package-lock.json 
b/superset-frontend/package-lock.json
index 07ff380..6dd4db4 100644
--- a/superset-frontend/package-lock.json
+++ b/superset-frontend/package-lock.json
@@ -4970,11 +4970,6 @@
         }
       }
     },
-    "@types/unist": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/@types/unist/-/unist-2.0.2.tgz";,
-      "integrity": 
"sha512-iHI60IbyfQilNubmxsq4zqSjdynlmc2Q/QvH9kjzg9+CCYVVzq1O6tc7VBzSygIwnmOt07w80IG6HDQvjv3Liw=="
-    },
     "@types/webpack": {
       "version": "4.39.1",
       "resolved": 
"https://registry.npmjs.org/@types/webpack/-/webpack-4.39.1.tgz";,
@@ -6667,9 +6662,9 @@
       }
     },
     "bail": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/bail/-/bail-1.0.3.tgz";,
-      "integrity": 
"sha512-1X8CnjFVQ+a+KW36uBNMTU5s8+v5FzeqrP7hTG5aTb4aPreSbZJlhwPon9VKMuEVgV++JM+SQrALY3kr7eswdg=="
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/bail/-/bail-1.0.5.tgz";,
+      "integrity": 
"sha512-xFbRxM1tahm08yHBP16MMjVUAvDaBMD38zsM9EMAUN61omwLmKlOpB/Zku5QkjZ8TZ4vn53pj+t518cH0S03RQ=="
     },
     "balanced-match": {
       "version": "1.0.0",
@@ -8262,9 +8257,9 @@
       "dev": true
     },
     "collapse-white-space": {
-      "version": "1.0.4",
-      "resolved": 
"https://registry.npmjs.org/collapse-white-space/-/collapse-white-space-1.0.4.tgz";,
-      "integrity": 
"sha512-YfQ1tAUZm561vpYD+5eyWN8+UsceQbSrqqlc/6zDY2gtAE+uZLSdkkovhnGpmCThsvKBFakq4EdY/FF93E8XIw=="
+      "version": "1.0.6",
+      "resolved": 
"https://registry.npmjs.org/collapse-white-space/-/collapse-white-space-1.0.6.tgz";,
+      "integrity": 
"sha512-jEovNnrhMuqyCcjfEJA56v0Xq8SkIoPKDyaHahwo3POf4qcSXqMYuwNcOTzp74vTsR9Tn08z4MxWqAhcekogkQ=="
     },
     "collection-visit": {
       "version": "1.0.0",
@@ -13187,6 +13182,67 @@
       "integrity": "sha1-DfKTUfByEWNRXfueVUPl9u7VFi8=",
       "dev": true
     },
+    "html-to-react": {
+      "version": "1.4.2",
+      "resolved": 
"https://registry.npmjs.org/html-to-react/-/html-to-react-1.4.2.tgz";,
+      "integrity": 
"sha512-TdTfxd95sRCo6QL8admCkE7mvNNrXtGoVr1dyS+7uvc8XCqAymnf/6ckclvnVbQNUo2Nh21VPwtfEHd0khiV7g==",
+      "requires": {
+        "domhandler": "^3.0",
+        "htmlparser2": "^4.0",
+        "lodash.camelcase": "^4.3.0",
+        "ramda": "^0.26"
+      },
+      "dependencies": {
+        "dom-serializer": {
+          "version": "0.2.2",
+          "resolved": 
"https://registry.npmjs.org/dom-serializer/-/dom-serializer-0.2.2.tgz";,
+          "integrity": 
"sha512-2/xPb3ORsQ42nHYiSunXkDjPLBaEj/xTwUO4B7XCZQTRk7EBtTOPaygh10YAAh2OI1Qrp6NWfpAhzswj0ydt9g==",
+          "requires": {
+            "domelementtype": "^2.0.1",
+            "entities": "^2.0.0"
+          }
+        },
+        "domelementtype": {
+          "version": "2.0.1",
+          "resolved": 
"https://registry.npmjs.org/domelementtype/-/domelementtype-2.0.1.tgz";,
+          "integrity": 
"sha512-5HOHUDsYZWV8FGWN0Njbr/Rn7f/eWSQi1v7+HsUVwXgn8nWWlL64zKDkS0n8ZmQ3mlWOMuXOnR+7Nx/5tMO5AQ=="
+        },
+        "domhandler": {
+          "version": "3.0.0",
+          "resolved": 
"https://registry.npmjs.org/domhandler/-/domhandler-3.0.0.tgz";,
+          "integrity": 
"sha512-eKLdI5v9m67kbXQbJSNn1zjh0SDzvzWVWtX+qEI3eMjZw8daH9k8rlj1FZY9memPwjiskQFbe7vHVVJIAqoEhw==",
+          "requires": {
+            "domelementtype": "^2.0.1"
+          }
+        },
+        "domutils": {
+          "version": "2.0.0",
+          "resolved": 
"https://registry.npmjs.org/domutils/-/domutils-2.0.0.tgz";,
+          "integrity": 
"sha512-n5SelJ1axbO636c2yUtOGia/IcJtVtlhQbFiVDBZHKV5ReJO1ViX7sFEemtuyoAnBxk5meNSYgA8V4s0271efg==",
+          "requires": {
+            "dom-serializer": "^0.2.1",
+            "domelementtype": "^2.0.1",
+            "domhandler": "^3.0.0"
+          }
+        },
+        "entities": {
+          "version": "2.0.0",
+          "resolved": 
"https://registry.npmjs.org/entities/-/entities-2.0.0.tgz";,
+          "integrity": 
"sha512-D9f7V0JSRwIxlRI2mjMqufDrRDnx8p+eEOz7aUM9SuvF8gsBzra0/6tbjl1m8eQHrZlYj6PxqE00hZ1SAIKPLw=="
+        },
+        "htmlparser2": {
+          "version": "4.0.0",
+          "resolved": 
"https://registry.npmjs.org/htmlparser2/-/htmlparser2-4.0.0.tgz";,
+          "integrity": 
"sha512-cChwXn5Vam57fyXajDtPXL1wTYc8JtLbr2TN76FYu05itVVVealxLowe2B3IEznJG4p9HAYn/0tJaRlGuEglFQ==",
+          "requires": {
+            "domelementtype": "^2.0.1",
+            "domhandler": "^3.0.0",
+            "domutils": "^2.0.0",
+            "entities": "^2.0.0"
+          }
+        }
+      }
+    },
     "htmlparser2": {
       "version": "3.10.1",
       "resolved": 
"https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.10.1.tgz";,
@@ -14429,9 +14485,9 @@
       "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo="
     },
     "is-whitespace-character": {
-      "version": "1.0.2",
-      "resolved": 
"https://registry.npmjs.org/is-whitespace-character/-/is-whitespace-character-1.0.2.tgz";,
-      "integrity": 
"sha512-SzM+T5GKUCtLhlHFKt2SDAX2RFzfS6joT91F2/WSi9LxgFdsnhfPK/UIA+JhRR2xuyLdrCys2PiFDrtn1fU5hQ=="
+      "version": "1.0.4",
+      "resolved": 
"https://registry.npmjs.org/is-whitespace-character/-/is-whitespace-character-1.0.4.tgz";,
+      "integrity": 
"sha512-SDweEzfIZM0SJV0EUga669UTKlmL0Pq8Lno0QDQsPnvECB3IM2aP0gdx5TrU0A01MAPfViaZiI2V1QMZLaKK5w=="
     },
     "is-windows": {
       "version": "0.1.1",
@@ -14439,9 +14495,9 @@
       "integrity": "sha1-vjEHFUMc+rzMVKs5USEPoLbQGr4="
     },
     "is-word-character": {
-      "version": "1.0.2",
-      "resolved": 
"https://registry.npmjs.org/is-word-character/-/is-word-character-1.0.2.tgz";,
-      "integrity": 
"sha512-T3FlsX8rCHAH8e7RE7PfOPZVFQlcV3XRF9eOOBQ1uf70OxO7CjjSOjeImMPCADBdYWcStAbVbYvJ1m2D3tb+EA=="
+      "version": "1.0.4",
+      "resolved": 
"https://registry.npmjs.org/is-word-character/-/is-word-character-1.0.4.tgz";,
+      "integrity": 
"sha512-5SMO8RVennx3nZrqtKwCGyyetPE9VDba5ugvKLaD4KopPG5kR4mQ7tNt/r7feL5yt5h3lpuBbIUmCOG2eSzXHA=="
     },
     "is-wsl": {
       "version": "1.1.0",
@@ -16690,6 +16746,11 @@
       "resolved": 
"https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.15.tgz";,
       "integrity": 
"sha512-rlrc3yU3+JNOpZ9zj5pQtxnx2THmvRykwL4Xlxoa8I9lHBlVbbyPhgyPMioxVZ4NqyxaVVtaJnzsyOidQIhyyQ=="
     },
+    "lodash.camelcase": {
+      "version": "4.3.0",
+      "resolved": 
"https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz";,
+      "integrity": "sha1-soqmKIorn8ZRA1x3EfZathkDMaY="
+    },
     "lodash.curry": {
       "version": "4.1.1",
       "resolved": 
"https://registry.npmjs.org/lodash.curry/-/lodash.curry-4.1.1.tgz";,
@@ -16972,9 +17033,9 @@
       }
     },
     "markdown-escapes": {
-      "version": "1.0.2",
-      "resolved": 
"https://registry.npmjs.org/markdown-escapes/-/markdown-escapes-1.0.2.tgz";,
-      "integrity": 
"sha512-lbRZ2mE3Q9RtLjxZBZ9+IMl68DKIXaVAhwvwn9pmjnPLS0h/6kyBMgNhqi1xFJ/2yv6cSyv0jbiZavZv93JkkA=="
+      "version": "1.0.4",
+      "resolved": 
"https://registry.npmjs.org/markdown-escapes/-/markdown-escapes-1.0.4.tgz";,
+      "integrity": 
"sha512-8z4efJYk43E0upd0NbVXwgSTQs6cT3T06etieCMEg7dRbzCbxUCK/GHlX8mhHRDcp+OLlHkPKsvqQTCvsRl2cg=="
     },
     "material-colors": {
       "version": "1.2.6",
@@ -20798,6 +20859,11 @@
       "integrity": "sha1-635iZ1SN3t+4mcG5Dlc3RVnN234=",
       "dev": true
     },
+    "ramda": {
+      "version": "0.26.1",
+      "resolved": "https://registry.npmjs.org/ramda/-/ramda-0.26.1.tgz";,
+      "integrity": 
"sha512-hLWjpy7EnsDBb0p+Z3B7rPi3GDeRG5ZtiI33kJhTt+ORCd38AbAIjB/9zRIUoeTbE/AVX5ZkU7m6bznsvrf8eQ=="
+    },
     "randexp": {
       "version": "0.4.6",
       "resolved": "https://registry.npmjs.org/randexp/-/randexp-0.4.6.tgz";,
@@ -21218,16 +21284,35 @@
       }
     },
     "react-markdown": {
-      "version": "3.6.0",
-      "resolved": 
"https://registry.npmjs.org/react-markdown/-/react-markdown-3.6.0.tgz";,
-      "integrity": 
"sha512-TV0wQDHHPCEeKJHWXFfEAKJ8uSEsJ9LgrMERkXx05WV/3q6Ig+59KDNaTmjcoqlCpE/sH5PqqLMh4t0QWKrJ8Q==",
+      "version": "4.3.1",
+      "resolved": 
"https://registry.npmjs.org/react-markdown/-/react-markdown-4.3.1.tgz";,
+      "integrity": 
"sha512-HQlWFTbDxTtNY6bjgp3C3uv1h2xcjCSi1zAEzfBW9OwJJvENSYiLXWNXN5hHLsoqai7RnZiiHzcnWdXk2Splzw==",
       "requires": {
+        "html-to-react": "^1.3.4",
         "mdast-add-list-metadata": "1.0.1",
-        "prop-types": "^15.6.1",
+        "prop-types": "^15.7.2",
+        "react-is": "^16.8.6",
         "remark-parse": "^5.0.0",
         "unified": "^6.1.5",
         "unist-util-visit": "^1.3.0",
         "xtend": "^4.0.1"
+      },
+      "dependencies": {
+        "prop-types": {
+          "version": "15.7.2",
+          "resolved": 
"https://registry.npmjs.org/prop-types/-/prop-types-15.7.2.tgz";,
+          "integrity": 
"sha512-8QQikdH7//R2vurIJSutZ1smHYTcLpRWEOlHnzcWHmBYrOGUysKwSsrC89BCiFj3CbrfJ/nXFdJepOVrY1GCHQ==",
+          "requires": {
+            "loose-envify": "^1.4.0",
+            "object-assign": "^4.1.1",
+            "react-is": "^16.8.1"
+          }
+        },
+        "react-is": {
+          "version": "16.12.0",
+          "resolved": 
"https://registry.npmjs.org/react-is/-/react-is-16.12.0.tgz";,
+          "integrity": 
"sha512-rPCkf/mWBtKc97aLL9/txD8DZdemK0vkA3JMLShjlJB3Pj3s+lpf1KaBzMfQrAmhMQB0n1cU/SUGgKKBCe837Q=="
+        }
       }
     },
     "react-move": {
@@ -23241,9 +23326,9 @@
       "dev": true
     },
     "state-toggle": {
-      "version": "1.0.1",
-      "resolved": 
"https://registry.npmjs.org/state-toggle/-/state-toggle-1.0.1.tgz";,
-      "integrity": 
"sha512-Qe8QntFrrpWTnHwvwj2FZTgv+PKIsp0B9VxLzLLbSpPXWOgRgc5LVj/aTiSfK1RqIeF9jeC1UeOH8Q8y60A7og=="
+      "version": "1.0.3",
+      "resolved": 
"https://registry.npmjs.org/state-toggle/-/state-toggle-1.0.3.tgz";,
+      "integrity": 
"sha512-d/5Z4/2iiCnHw6Xzghyhb+GcmF89bxwgXG60wjIiZaxnymbyOmI8Hk4VqHXiVVp6u2ysaskFfXg3ekCj4WNftQ=="
     },
     "static-eval": {
       "version": "2.0.2",
@@ -24282,14 +24367,14 @@
       "integrity": "sha1-yy4SAwZ+DI3h9hQJS5/kVwTqYAM="
     },
     "trim-trailing-lines": {
-      "version": "1.1.1",
-      "resolved": 
"https://registry.npmjs.org/trim-trailing-lines/-/trim-trailing-lines-1.1.1.tgz";,
-      "integrity": 
"sha512-bWLv9BbWbbd7mlqqs2oQYnLD/U/ZqeJeJwbO0FG2zA1aTq+HTvxfHNKFa/HGCVyJpDiioUYaBhfiT6rgk+l4mg=="
+      "version": "1.1.3",
+      "resolved": 
"https://registry.npmjs.org/trim-trailing-lines/-/trim-trailing-lines-1.1.3.tgz";,
+      "integrity": 
"sha512-4ku0mmjXifQcTVfYDfR5lpgV7zVqPg6zV9rdZmwOPqq0+Zq19xDqEgagqVbc4pOOShbncuAOIs59R3+3gcF3ZA=="
     },
     "trough": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/trough/-/trough-1.0.3.tgz";,
-      "integrity": 
"sha512-fwkLWH+DimvA4YCy+/nvJd61nWQQ2liO/nF/RjkTpiOGi+zxZzVkhb1mvbHIIW4b/8nDsYI8uTmAlc0nNkRMOw=="
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/trough/-/trough-1.0.5.tgz";,
+      "integrity": 
"sha512-rvuRbTarPXmMb79SmzEp8aqXNKcK+y0XaB298IXueQ8I2PsrATcPBCSPyK/dDNa2iWOhKlfNnOjdAOTBU/nkFA=="
     },
     "tryer": {
       "version": "1.0.1",
@@ -24608,12 +24693,12 @@
       "integrity": 
"sha512-5/4etnCkd9c8gwgowi5/om/mYO5ajCaOgdzj/oW+0eQV9WxKBDZw5+ycmKmeaTXjInS/W0BzpGLo2xR2aBwZdg=="
     },
     "unherit": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/unherit/-/unherit-1.1.1.tgz";,
-      "integrity": 
"sha512-+XZuV691Cn4zHsK0vkKYwBEwB74T3IZIcxrgn2E4rKwTfFyI1zCh7X7grwh9Re08fdPlarIdyWgI8aVB3F5A5g==",
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/unherit/-/unherit-1.1.3.tgz";,
+      "integrity": 
"sha512-Ft16BJcnapDKp0+J/rqFC3Rrk6Y/Ng4nzsC028k2jdDII/rdZ7Wd3pPT/6+vIIxRagwRc9K0IUX0Ra4fKvw+WQ==",
       "requires": {
-        "inherits": "^2.0.1",
-        "xtend": "^4.0.1"
+        "inherits": "^2.0.0",
+        "xtend": "^4.0.0"
       }
     },
     "unicode-canonical-property-names-ecmascript": {
@@ -24700,14 +24785,14 @@
       }
     },
     "unist-util-is": {
-      "version": "2.1.2",
-      "resolved": 
"https://registry.npmjs.org/unist-util-is/-/unist-util-is-2.1.2.tgz";,
-      "integrity": 
"sha512-YkXBK/H9raAmG7KXck+UUpnKiNmUdB+aBGrknfQ4EreE1banuzrKABx3jP6Z5Z3fMSPMQQmeXBlKpCbMwBkxVw=="
+      "version": "3.0.0",
+      "resolved": 
"https://registry.npmjs.org/unist-util-is/-/unist-util-is-3.0.0.tgz";,
+      "integrity": 
"sha512-sVZZX3+kspVNmLWBPAB6r+7D9ZgAFPNWm66f7YNb420RlQSbn+n8rG8dGZSkrER7ZIXGQYNm5pqC3v3HopH24A=="
     },
     "unist-util-remove-position": {
-      "version": "1.1.2",
-      "resolved": 
"https://registry.npmjs.org/unist-util-remove-position/-/unist-util-remove-position-1.1.2.tgz";,
-      "integrity": 
"sha512-XxoNOBvq1WXRKXxgnSYbtCF76TJrRoe5++pD4cCBsssSiWSnPEktyFrFLE8LTk3JW5mt9hB0Sk5zn4x/JeWY7Q==",
+      "version": "1.1.4",
+      "resolved": 
"https://registry.npmjs.org/unist-util-remove-position/-/unist-util-remove-position-1.1.4.tgz";,
+      "integrity": 
"sha512-tLqd653ArxJIPnKII6LMZwH+mb5q+n/GtXQZo6S6csPRs5zB0u79Yw8ouR3wTw8wxvdJFhpP6Y7jorWdCgLO0A==",
       "requires": {
         "unist-util-visit": "^1.1.0"
       }
@@ -24718,19 +24803,19 @@
       "integrity": 
"sha512-pNCVrk64LZv1kElr0N1wPiHEUoXNVFERp+mlTg/s9R5Lwg87f9bM/3sQB99w+N9D/qnM9ar3+AKDBwo/gm/iQQ=="
     },
     "unist-util-visit": {
-      "version": "1.4.0",
-      "resolved": 
"https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-1.4.0.tgz";,
-      "integrity": 
"sha512-FiGu34ziNsZA3ZUteZxSFaczIjGmksfSgdKqBfOejrrfzyUy5b7YrlzT1Bcvi+djkYDituJDy2XB7tGTeBieKw==",
+      "version": "1.4.1",
+      "resolved": 
"https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-1.4.1.tgz";,
+      "integrity": 
"sha512-AvGNk7Bb//EmJZyhtRUnNMEpId/AZ5Ph/KUpTI09WHQuDZHKovQ1oEv3mfmKpWKtoMzyMC4GLBm1Zy5k12fjIw==",
       "requires": {
         "unist-util-visit-parents": "^2.0.0"
       },
       "dependencies": {
         "unist-util-visit-parents": {
-          "version": "2.0.1",
-          "resolved": 
"https://registry.npmjs.org/unist-util-visit-parents/-/unist-util-visit-parents-2.0.1.tgz";,
-          "integrity": 
"sha512-6B0UTiMfdWql4cQ03gDTCSns+64Zkfo2OCbK31Ov0uMizEz+CJeAp0cgZVb5Fhmcd7Bct2iRNywejT0orpbqUA==",
+          "version": "2.1.2",
+          "resolved": 
"https://registry.npmjs.org/unist-util-visit-parents/-/unist-util-visit-parents-2.1.2.tgz";,
+          "integrity": 
"sha512-DyN5vD4NE3aSeB+PXYNKxzGsfocxp6asDc2XXE3b0ekO2BaRUpBicbbUygfSvYfUz1IkmjFR1YF7dPklraMZ2g==",
           "requires": {
-            "unist-util-is": "^2.1.2"
+            "unist-util-is": "^3.0.0"
           }
         }
       }
@@ -25567,16 +25652,15 @@
       }
     },
     "vfile-location": {
-      "version": "2.0.4",
-      "resolved": 
"https://registry.npmjs.org/vfile-location/-/vfile-location-2.0.4.tgz";,
-      "integrity": 
"sha512-KRL5uXQPoUKu+NGvQVL4XLORw45W62v4U4gxJ3vRlDfI9QsT4ZN1PNXn/zQpKUulqGDpYuT0XDfp5q9O87/y/w=="
+      "version": "2.0.6",
+      "resolved": 
"https://registry.npmjs.org/vfile-location/-/vfile-location-2.0.6.tgz";,
+      "integrity": 
"sha512-sSFdyCP3G6Ka0CEmN83A2YCMKIieHx0EDaj5IDP4g1pa5ZJ4FJDvpO0WODLxo4LUX4oe52gmSCK7Jw4SBghqxA=="
     },
     "vfile-message": {
-      "version": "1.1.0",
-      "resolved": 
"https://registry.npmjs.org/vfile-message/-/vfile-message-1.1.0.tgz";,
-      "integrity": 
"sha512-D9E9mTcn6b2uWxUgNSBQPWFywPxP87dZCkemuh01vNb7zntXgHtsrTorZdURrKSpFM0O1IlQVpfdmHuJuy6EGw==",
+      "version": "1.1.1",
+      "resolved": 
"https://registry.npmjs.org/vfile-message/-/vfile-message-1.1.1.tgz";,
+      "integrity": 
"sha512-1WmsopSGhWt5laNir+633LszXvZ+Z/lxveBf6yhGsqnQIhlhzooZae7zV6YVM1Sdkw68dtAW3ow0pOdPANugvA==",
       "requires": {
-        "@types/unist": "^2.0.2",
         "unist-util-stringify-position": "^1.1.1"
       }
     },
diff --git a/superset-frontend/package.json b/superset-frontend/package.json
index 14d4ad8..b294433 100644
--- a/superset-frontend/package.json
+++ b/superset-frontend/package.json
@@ -126,7 +126,7 @@
     "react-hot-loader": "^4.3.6",
     "react-json-tree": "^0.11.2",
     "react-jsonschema-form": "^1.2.0",
-    "react-markdown": "^3.3.0",
+    "react-markdown": "^4.3.1",
     "react-redux": "^5.0.2",
     "react-router-dom": "^5.1.2",
     "react-search-input": "^0.11.3",
diff --git 
a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx 
b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
index 6329824..59137ba 100644
--- a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
+++ b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx
@@ -73,6 +73,13 @@ const markdownPlaceHolder = `# ✨Markdown
 
 Click here to edit [markdown](https://bit.ly/1dQOfRK)`;
 
+function isSafeMarkup(node) {
+  if (node.type === 'html') {
+    return /href="(javascript|vbscript|file):.*"/gim.test(node.value) === 
false;
+  }
+
+  return true;
+}
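Review bot: `isSafeMarkup` is a scheme blocklist matched against one attribute shape, so a raw-HTML node is rejected only when it contains a double-quoted `href="javascript:…"`-style value; single-quoted or unquoted `href`, other URL-bearing attributes, event-handler attributes and other element types are never examined, and the render hunk below keeps `escapeHtml={false}`, so any node that passes is rendered as live HTML. A regex blocklist is not a sound XSS boundary here; the robust fix is to stop rendering raw HTML at all (leave `escapeHtml` at its default, or use react-markdown's `skipHtml`), or to pass `node.value` through an allowlist-based HTML sanitizer before accepting it, keeping `isSafeMarkup` at most as defence in depth. If the check is retained, the `g` flag is unneeded and the `=== false` comparison reads better negated: `return !/href\s*=\s*["']?\s*(javascript|vbscript|file):/i.test(node.value);`, which also catches the quoting variants the current pattern misses while still being a blocklist. A short doc comment above the function, e.g. `// react-markdown allowNode callback: rejects raw-HTML nodes whose href uses a script-capable scheme; not a full sanitizer`, and a blank line before the `class` that follows would match the file's style.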
 class Markdown extends React.PureComponent {
   constructor(props) {
     super(props);
@@ -190,6 +197,7 @@ class Markdown extends React.PureComponent {
       <ReactMarkdown
         source={this.state.markdownSource || markdownPlaceHolder}
         escapeHtml={false}
+        allowNode={isSafeMarkup}
       />
     );
   }
