Expand description
⚠️ Disclaimer: This crate was entirely generated by AI (Claude) as part of a personal learning project. It has not been battle-tested in production and may contain bugs or unsound abstractions. Use at your own risk and exercise extreme caution before depending on it in anything that matters.
§Security
Raw HTML in markdown is a potential XSS vector. This crate provides three
rendering policies via HtmlRenderPolicy:
Escape(default) — HTML tags are rendered as visible text. Safe for all inputs including untrusted user content.Sanitized— HTML is cleaned with theammoniacrate, stripping<script>,<iframe>, event handlers, etc. while keeping safe formatting tags. Requires thesanitizeCargo feature.Trusted— HTML is injected directly into the DOM with no sanitization. Only use when you fully control the markdown source. This is an XSS vector if used with user-generated content.
When in doubt, use the default Escape policy. If you need HTML rendering
with user content, enable the sanitize feature and use Sanitized.
Modules§
- components
- context
- highlight
- Syntax highlighting for fenced code blocks.
- hooks
- ime_
proxy - IME Proxy — Headless component for web/mobile composition preedit capture. Renders a transparent, floating textarea to intercept native keyboard events without browser contenteditable side-effects.
- inline_
editor - inline_
tokens - interop
- markdown
- Compound component namespace —
use dioxus_nox_markdown::markdown;thenmarkdown::Root { ... }. - parser
- prelude
- Prelude — import everything for typical consumer usage.
- reveal_
engine - types
- viewport