Disable HTML Sanitzation?


I’m editing blog posts with StackEdit and it’s great!

However I would like to embed Tweets, Github gists, and Amazon widgets, and they all rely on JavaScript.

I assume that they are stripped out by the HTML sanitizer in StackEdit. I couldn’t find any way to disable this in the UI.

I searched the forums and it appears that others have the same issue:

Although I think this can’t be done for security reasons, it seems that jsfiddle and jsbin and similar sites support running JavaScript?

Also, the markdown-it demo supports JavaScript if you check the html box, although yes it seems very insecure :slight_smile:


But in any case, even if the StackEdit service can’t support it, is it possible to remove HTML sanitization by forking the source? I noticed this part of the source that calls an HTML sanitizer.

I did not try building StackEdit yet, but maybe removing that line and rebuilding it will enable JS on a self-hosted version?