You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Whole of the Editorjs creates output as raw JSON and no inline HTML is present. This helps in preventing XSS attacks. But with underline, the output text has inline HTML (sample below).
{
"time": 1735526737550,
"blocks": [
{
"id": "z5t-4fWC6H",
"type": "paragraph",
"data": {
"text": "And I want to say that <u class=\"cdx-underline\">this is not fine</u> to work with."
}
}
],
"version": "2.30.7"
}
Can we create output like below?
{
"time": 1735526737550,
"blocks": [
{
"id": "z5t-4fWC6H",
"type": "paragraph",
"data": {
"items": [
{
"id": "7-djd",
"style": null,
"text": "And I want to say that"
},
{
"id": "8-djd",
"style": underline,
"text": " this is not fine "
},
{
"id": "9-djd",
"style": null,
"text": "to work with."
},
]
}
}
],
"version": "2.30.7"
}
This will help in preventing the XSS attacks.
The text was updated successfully, but these errors were encountered:
Hello
Whole of the Editorjs creates output as raw JSON and no inline HTML is present. This helps in preventing XSS attacks. But with underline, the output text has inline HTML (sample below).
Can we create output like below?
This will help in preventing the XSS attacks.
The text was updated successfully, but these errors were encountered: