v2.10.2

Major Changed

1. To prevent XSS, attributes of all HTML tags are filtered by default. To use specific attributes (such as style), you can configure the xssOptions as whitelist required.

xssOptions:{
    whiteList: {
        span: ['style']
    }
}

2. Added the html option. If HTML tags are not required in Markdown, you are advised to set the html option to false to avoid security vulnerabilities.

What's Changed

• fix: Add sanitizer for filtering HTML tags by @jiawulin001 in #744

Full Changelog: v2.10.1...v2.10.2