Add Building from Source & update Security documentation (#1516)

* Add `Building from Source` documentation * Update security.md documentation * Fix grammars
2025-10-08 12:38:39 +00:00 · 2018-07-30 03:18:44 +09:00
parent e97a23ec6d
commit 702b3c807f
4 changed files with 31 additions and 6 deletions
--- a/docs/security.md
+++ b/docs/security.md
@@ -4,12 +4,17 @@ title: Security
 ---
 Any HTML generated by KaTeX *should* be safe from `<script>` or other code
 injection attacks.
-(See `maxSize` below for preventing large width/height visual affronts,
-see `maxExpand` below for preventing infinite macro loop attacks, and
-see `allowedProtocols` below for preventing certain protocols in `\href`)

 Of course, it is always a good idea to sanitize the HTML, though you will need
 a rather generous whitelist (including some of SVG and MathML) to support
 all of KaTeX.

+Use `maxSize` option for preventing large width/height visual affronts,
+use `maxExpand` for preventing infinite macro loop attacks, and
+use `allowedProtocols` for preventing certain protocols in `\href`. Please
+refer to [Options](options.md) for more details.
+
+The error message thrown by KaTeX may contain unescaped LaTeX source code.
+See [Handling Errors](error.md) for more details.
+
 > If you discovered a security issue, please let us know via https://hackerone.com/khanacademy