[Standards] Proposed XMPP Extension: Styling
jonas at wielicki.name
Tue Nov 7 12:02:54 UTC 2017
On Montag, 6. November 2017 15:25:00 CET Sam Whited wrote:
> Although, in retrospect the body is escaped so this isn't as
> likely as XHTML-IM to be a problem unless you unescape and them dump it
> into the DOM (which is a problem regardless of what formatting spec you
Could you clarify? I can’t see anything in the XEP which mandates escaping
(which wouldn’t help either with malicious senders).
When I put "<b>foo</b>" into a message, it will be sent as:
Which every sane XML library will hand to the receiving application as a
string containing "<b>foo</b>". At which point, if you pour that into a
default markdown thing, you get HTML in the output.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the Standards