path: root/MANUAL.txt
author: John MacFarlane <jgm@berkeley.edu> 2021-09-12 11:10:05 -0700
committer: John MacFarlane <jgm@berkeley.edu> 2021-09-12 11:10:05 -0700
commit: d43f9cf4146400721cf8dca15a411c2ecc1342fb
tree: 02d7a43732e559553d349c5d8797b8eb8cd43b67 /MANUAL.txt
parent: 84b5c55448cbbfc4b8d9433d61d46b57a1ba5876
download: pandoc-d43f9cf4146400721cf8dca15a411c2ecc1342fb.tar.gz
Add note to Security section that commonmark is better...
than markdown as far as pathological performance goes.
Diffstat (limited to 'MANUAL.txt')
-rw-r--r-- MANUAL.txt 5
1 file changed, 4 insertions, 1 deletion
diff --git a/MANUAL.txt b/MANUAL.txt
index f0d3c8965..b65e45bfe 100644
--- a/MANUAL.txt
+++ b/MANUAL.txt
@@ -6624,7 +6624,10 @@ application, here are some things to keep in mind:
a timeout, to avoid DOS attacks that exploit these issues.
If you are using the pandoc executable, you can add the
command line options `+RTS -M512M -RTS` (for example) to limit
- the heap size to 512MB.
+ the heap size to 512MB. Note that the `commonmark` parser
+ (including `commonmark_x` and `gfm`) is much less vulnerable
+ to pathological performance than the `markdown` parser, so
+ it is a better choice when processing untrusted input.
6. The HTML generated by pandoc is not guaranteed to be safe.
If `raw_html` is enabled for the Markdown input, users can
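Review bot: the added sentence ("Note that the `commonmark` parser ... is a better choice when processing untrusted input") should state explicitly that the timeout and the heap limit described just above it still apply when `commonmark`, `commonmark_x` or `gfm` is selected; as worded, a reader can take "much less vulnerable to pathological performance" as a reason to skip `+RTS -M512M -RTS` and the timeout for those parsers, and "much less vulnerable" is not "immune". Suggest ending the sentence with something like "so it is a better choice when processing untrusted input, in addition to (not instead of) the timeout and heap limit above." Minor style point in the unchanged context line of the same paragraph: "DOS attacks" should read "DoS attacks" (denial of service), which could be corrected while this item is being edited.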