
I love this. One question: how much emphasis was put on security? Can I safely let the users of my website input any string and feed it directly to the render function?


We never do any unsafe DOM manipulations, like using .innerHTML, only createElement and appendChild, so things should be fairly safe. Also, if you do server-side rendering, we escape code that users type in, so that should work well also.
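An added example, not part of the thread and not the project's own code: a small server-side sketch of the two approaches the reply contrasts, building output as a node tree that is escaped on serialization versus concatenating user input into markup. The names `el`, `text`, `serialize`, `renderSafe` and `renderNaive` are hypothetical, and the sample input is constructed.

```javascript
// Added illustration; every function name here is hypothetical.
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => String(s).replace(/[&<>"']/g, (c) => ESC[c]);

// Tree-building API, analogous to createElement / createTextNode / appendChild:
// user data is stored as data and is never parsed as markup.
const el = (tag, attrs = {}, children = []) => ({ tag, attrs, children });
const text = (value) => ({ text: String(value) });

// Server-side serializer: the only place markup is produced. It escapes every
// text node and attribute value. Tag and attribute *names* are not escaped,
// so they must come from the rendering code, never from the user.
function serialize(node) {
  if ('text' in node) return escapeHtml(node.text);
  const attrs = Object.entries(node.attrs)
    .map(([name, value]) => ` ${name}="${escapeHtml(value)}"`)
    .join('');
  const inner = node.children.map(serialize).join('');
  return `<${node.tag}${attrs}>${inner}</${node.tag}>`;
}

// Unsafe counterpart: the string-building equivalent of assigning to .innerHTML.
function renderNaive(userInput) {
  return `<span class="out" title="${userInput}">${userInput}</span>`;
}

// Safe counterpart: user input only ever enters the tree as a value.
function renderSafe(userInput) {
  return serialize(el('span', { class: 'out', title: userInput }, [text(userInput)]));
}

// Constructed sample input that tries to leave both attribute and text context.
const sample = '"><script>alert(1)</script>';
console.log('naive:', renderNaive(sample));
console.log('safe: ', renderSafe(sample));
```
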



