[Github-comments] [geany/geany-plugins] [markdown] Possible security/privacy implications? (#624)
Matthew Brush
notifications at xxxxx
Thu May 24 09:15:59 UTC 2018
> The browser used by the Markdown plugin executes scripts provided in Markdown files. This could have security/privacy implications.
Meh, the whole point is to execute the code in a real browser engine, and it's as sandboxed as much the underlying WebKitGtk library itself. Would be similar to reporting a bug to Firefox that it executes JavaScript, so closing. Feel free to re-open if I'm wrong.
> Is it possible to tell the browser to not execute scripts?
It might be possible via the WebKitGtk API, a decent patch submission adding a plugin preference to disable JS would probably be accepted.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/geany/geany-plugins/issues/624#issuecomment-391646541
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.geany.org/pipermail/github-comments/attachments/20180524/c8781241/attachment.html>
More information about the Github-comments
mailing list