Merge pull request #1471 from vantoan8x/securityLevel_antiscript_option

add security level antiscript option, use rich html format but dont permit script element.
2025-09-20 15:59:51 +02:00 · 2020-07-12 10:58:08 +02:00
parent 12668b78b9 fce2a16e42
commit e93a0556e7
3 changed files with 66 additions and 8 deletions
--- a/src/config.js
+++ b/src/config.js
@@ -77,11 +77,12 @@ const config = {
  /**
   *| Parameter | Description |Type | Required | Values|
   *| --- | --- | --- | --- | --- |
-   *| securitylevel | Level of trust for parsed diagram|String | Required | Strict, Loose |
+   *| securitylevel | Level of trust for parsed diagram|String | Required | Strict, Loose, antiscript |
   *
   ***Notes:
   *-   **strict**: (**default**) tags in text are encoded, click functionality is disabeled
   *-   **loose**: tags in text are allowed, click functionality is enabled
+   *-   **antiscript**: html tags in text are allowed, (only script element is removed), click functionality is enabled
   */
  securityLevel: 'strict',