package kkmarkdown
Install
Dune Dependency
Authors
Maintainers
Sources
md5=cc8056af18a204bf68d60f50be5a9de7
sha512=452ef12429aa68606e79b82d883275abd05659fec52509dfa18d7de0edcfa0afba7fa9001d9643c5ad072a494ad8593c6f127e382b06d6c224964b3a7969f388
Description
The goals of kkmarkdown are,
- to avoid XSS attack, by supporting limited markdown syntax,
- to run the same markdown engine in both server and client sides, thanks to js_of_ocaml.
Published: 20 Dec 2022
README
kkmarkdown
A safe markdown engine
Goal:
To avoid XSS attack, by supporting limited markdown syntax.
To run the same markdown engine in both server and client sides, thanks to js_of_ocaml.
Not goal:
Generating legit HTML is not a goal. Garbage in, garbage out at the moment.
Build & run
Install dependencies:
$ opam install --deps-only . [--with-test]
Build:
$ make [|test|doc|clean|fmt]
It will make
one executable
_build/install/default/bin/kkmarkdown
one javascript
_build/install/default/share/kkmarkdown/kkmarkdown.js
In shell (using stdin):
$ kkmarkdown
*abc* (then control+D)
<p><em>abc</em></p>
or (using file)
$ echo "*abc*" > a
$ kkmarkdown a
<p><em>abc</em></p>
In html:
<script src='https://kkeun.net/kkmarkdown.js'></script>
<script>result = kkmarkdown.trans("*abc*");</script>
Unsafe mode
There is unsafe mode that can be used when the markdown source is trustworthy. See below for supported syntax in the unsafe mode:
https://kkeundotnet.github.io/kkmarkdown/kkmarkdown/syntax.html
In shell:
$ kkmarkdown --unsafe [FILE]
In html:
<script>result = kkmarkdown.unsafe("*abc*");</script>
RSS mode
RSS mode suppresses class
es and inline HTMLs in the unsafe mode. HTML class
es or inline HTMLs including javscripts may not work properly in external feed readers.
$ kkmarkdown --rss --unsafe [FILE]
Dependencies (5)
- js_of_ocaml-ppx
- js_of_ocaml
- dune-build-info
-
dune
>= "3.6"
-
ocaml
>= "4.14.0"
Used by
None
Conflicts
None