mirror of
https://github.com/Smaug123/KaTeX
synced 2025-10-10 21:48:41 +00:00
8a38035855
* website/docs: initial commit * Change secondaryColor * Fix index.css not being copied and included on global stylesheet * Fix stylesheet link [skip ci] * Change documentation link to API(Usage) [skip ci] * Add `Libraries` in usage [skip ci] * Remove documentation from `README.md` and add link to the site [skip ci] * Use KaTeX in the parent directory to build Markdown [skip ci] * Revise function support page. Avoid error msgs. * General edit to function support page
16 lines
611 B
Markdown
16 lines
611 B
Markdown
---
|
|
id: security
|
|
title: Security
|
|
---
|
|
Any HTML generated by KaTeX *should* be safe from `<script>` or other code
|
|
injection attacks.
|
|
(See `maxSize` below for preventing large width/height visual affronts,
|
|
see `maxExpand` below for preventing infinite macro loop attacks, and
|
|
see `allowedProtocols` below for preventing certain protocols in `\href`)
|
|
|
|
Of course, it is always a good idea to sanitize the HTML, though you will need
|
|
a rather generous whitelist (including some of SVG and MathML) to support
|
|
all of KaTeX.
|
|
|
|
> If you discovered a security issue, please let us know via https://hackerone.com/khanacademy
|