diff options
author | John MacFarlane <jgm@berkeley.edu> | 2021-06-14 12:35:44 -0700 |
---|---|---|
committer | John MacFarlane <jgm@berkeley.edu> | 2021-06-14 12:36:05 -0700 |
commit | 961268446c551e43b43cd3dffaf0f3c6be4dfa6f (patch) | |
tree | e9d45dcaf7c9d992ace6367ea8ccdc5aa22da7df /MANUAL.txt | |
parent | 62533053da158d00256ef3808e15eeb17401dd62 (diff) | |
download | pandoc-961268446c551e43b43cd3dffaf0f3c6be4dfa6f.tar.gz |
Rephrase section on unsafe HTML in manual.
Diffstat (limited to 'MANUAL.txt')
-rw-r--r-- | MANUAL.txt | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/MANUAL.txt b/MANUAL.txt index 815ed0fdf..c5dba29f3 100644 --- a/MANUAL.txt +++ b/MANUAL.txt @@ -6504,9 +6504,9 @@ application, here are some things to keep in mind: 4. The HTML generated by pandoc is not guaranteed to be safe. If `raw_html` is enabled for the Markdown input, users can inject arbitrary HTML. Even if `raw_html` is disabled, - users can include dangerous content in attributes for - headings, spans, and code blocks. To be safe, you should - run all the generated HTML through an HTML sanitizer. + users can include dangerous content in URLs and attributes. + To be safe, you should run all the generated HTML through + an HTML sanitizer. # Authors |