2017 © Pedro PelĂĄez
 

library secureparsedown

A Parsedown extension, for security.

image

aidantwoods/secureparsedown

A Parsedown extension, for security.

  • Wednesday, July 5, 2017
  • by aidantwoods
  • Repository
  • 2 Watchers
  • 6 Stars
  • 447 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 1 Forks
  • 0 Open issues
  • 3 Versions
  • 5 % Grown

The README.md

SecureParsedown Build Status

Parsedown, with added XSS protections., (*1)

Enable these with, (*2)

<?php

use Aidantwoods\SecureParsedown\SecureParsedown;

$Parsedown = new SecureParsedown;
$Parsedown->setSafeMode(true);

SecureParsedown was created to accelerate a release of https://github.com/erusev/parsedown/pull/495., (*3)

I do hope that https://github.com/erusev/parsedown/pull/495 eventually makes it into the core Parsedown library – at such time I shall remove unneeded overwritten methods in this extension. I will maintain SecureParsedown as a security focused early patch channel: so that finished security patches can be released ahead of Parsedown's currently slow release schedule., (*4)

SecureParsedown is an extension to Parsedown. Parsedown was created by Emanuil Rusev, and is available from https://github.com/erusev/parsedown., (*5)

Reporting Security Issues

If you're reporting a security issue, you can still use the issue tracker, but it would be great if you'd encrypt the issue for me before posting it (please post in ascii armored format). And give the issue a generic title like "Security Issue"., (*6)

My GPG fingerprint is A0EAF427E34F44505F171FB09A6A8EFAA512BBB9, you can obtain my key with:, (*7)

gpg --recv-keys A0EAF427E34F44505F171FB09A6A8EFAA512BBB9

Additionally, you can verify that I, Aidan Woods am the owner of the @aidantwoods GitHub account, the given GPG key, and various other online identities via the signature chain available at https://keybase.io/aidanwoods/sigchain#6fc6b2061420868891261c72f7094e841fadfb37a577dd83ec5a6147138a9da80f. I have also signed this commit., (*8)

It would be great if you'd also include your own GPG fingerprint in the message, so I can reply to you in an encrypted format if neccesary., (*9)

How to encrypt:, (*10)

Set up GPG, prepare your message in e.g. a file msg.txt, (*11)

Run, (*12)

cat msg.txt | gpg -sear A0EAF427E34F44505F171FB09A6A8EFAA512BBB9

Then copy and paste the output from the console into a new GitHub issue., (*13)

I shall try to convert issues to plain-text in-place when they are resolved, for the benefit of visibility., (*14)

Other Issues

All other issues, please post in plain-text., (*15)

The Versions

05/07 2017

dev-master

9999999-dev https://github.com/aidantwoods/SecureParsedown/wiki

A Parsedown extension, for security.

  Sources   Download

MIT

The Requires

 

The Development Requires

by Aidan Woods

parser markdown secure parsedown secureparsedown

02/07 2017

v1.0.1

1.0.1.0 https://github.com/aidantwoods/SecureParsedown/wiki

A Parsedown extension for Security.

  Sources   Download

MIT

The Requires

 

The Development Requires

by Aidan Woods

parser markdown secure parsedown secureparsedown

02/07 2017

v1.0

1.0.0.0 https://github.com/aidantwoods/SecureParsedown/wiki

A Parsedown extension for Security.

  Sources   Download

MIT

The Requires

 

The Development Requires

by Aidan Woods

parser markdown secure parsedown secureparsedown