DangerousMarkdown
Render markdown content which can include HTML elements. If the markdown content does not need to render HTML, use the Markdown or MarkdownWithCode blocks instead. Specify what HTML element to allow or remove by changing the default modifying the DOMPurify's options.
The DangerousMarkdown block sanitizes the markdown content using DOMPurify's before converting the markdown to HTML. DangerousMarkdown provides the ability to customize the sanitization options. This comes with some security considerations, please consider DOMPurify's Security Goals and Threat Model for more details regarding the security impact of using the DangerousMarkdown block.
In short, it is strongly advised to never render any user input DangerousMarkdown content, only render hardcoded or trusted markdown and HTML content.
Some Html content:
A simple white title box
id: block_id
type: DangerousMarkdown
properties:
content: >
## Some Html content:
<div style="background: #123456; padding: 10px;"><h4 style="color: white;">A
simple white title box</h4></div>
DangerousMarkdown headings
Markdown with an iframe:
id: iframes_example
type: DangerousMarkdown
properties:
DOMPurifyOptions":
ADD_TAGS":
- iframe
content: >
# Markdown with an iframe:
<iframe style="max-width: 512px;" width="100%"
src="https://www.youtube.com/embed/7N7GWdlQJlU" frameborder="0"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope;
picture-in-picture" allowfullscreen></iframe>
type: object
properties:
properties:
additionalProperties: false
properties:
DOMPurifyOptions:
description: >-
Customize DOMPurify options. Options are only applied when the block is
mounted, thus any parsed settings is only applied at first render.
type: object
content:
description: Content in markdown format.
type: string
style:
description: Style to apply to Markdown div.
type: object
type: object