Download the PHP package aidantwoods/secureparsedown without Composer
On this page you can find all versions of the php package aidantwoods/secureparsedown. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download aidantwoods/secureparsedown
More information about aidantwoods/secureparsedown
Files in aidantwoods/secureparsedown
Package secureparsedown
Short Description A Parsedown extension for Security.
License MIT
Homepage https://github.com/aidantwoods/SecureParsedown/wiki
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package secureparsedown
SecureParsedown 
Parsedown, with added XSS protections.
Enable these with
SecureParsedown was created to accelerate a release of https://github.com/erusev/parsedown/pull/495.
I do hope that https://github.com/erusev/parsedown/pull/495 eventually makes it into the core Parsedown library – at such time I shall remove unneeded overwritten methods in this extension. I will maintain SecureParsedown as a security focused early patch channel: so that finished security patches can be released ahead of Parsedown's currently slow release schedule.
SecureParsedown is an extension to Parsedown. Parsedown was created by Emanuil Rusev, and is available from https://github.com/erusev/parsedown.
Reporting Security Issues
If you're reporting a security issue, you can still use the issue tracker, but it would be great if you'd encrypt the issue for me before posting it (please post in ascii armored format). And give the issue a generic title like "Security Issue".
My GPG fingerprint is A0EAF427E34F44505F171FB09A6A8EFAA512BBB9, you can obtain
my key with:
Additionally, you can verify that I, Aidan Woods am the owner of the @aidantwoods GitHub account, the given GPG key, and various other online identities via the signature chain available at https://keybase.io/aidanwoods/sigchain#6fc6b2061420868891261c72f7094e841fadfb37a577dd83ec5a6147138a9da80f. I have also signed this commit.
It would be great if you'd also include your own GPG fingerprint in the message, so I can reply to you in an encrypted format if neccesary.
How to encrypt:
Set up GPG, prepare your message in e.g. a file msg.txt
Run
Then copy and paste the output from the console into a new GitHub issue.
I shall try to convert issues to plain-text in-place when they are resolved, for the benefit of visibility.
Other Issues
All other issues, please post in plain-text.
