From 32e92dee9363d9ef7674ae11234cecfd3ae560f9 Mon Sep 17 00:00:00 2001 From: John MacFarlane Date: Tue, 11 Nov 2014 20:51:45 -0800 Subject: Added js usage example. --- README.md | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index f0693a6..9145afa 100644 --- a/README.md +++ b/README.md @@ -30,12 +30,28 @@ Scott Chacon and Ben Straub): The JavaScript implementation is a single JavaScript file, with -no dependencies, that can be linked to in an HTML page. A node -package is also available; it includes a command-line tool called +no dependencies, that can be linked to in an HTML page. Here +is a simple usage example: + +``` javascript +var reader = new commonmark.DocParser(); +var writer = new commonmark.HtmlRenderer(); +var parsed = reader.parse("Hello *world*"); +var result = writer.render(parsed); +``` + +A node package is also available; it includes a command-line tool called `commonmark`. [Try it now!](http://spec.commonmark.org/dingus.html) +**A note on security:** +Neither implementation attempts to sanitize link attributes or +raw HTML. If you use these libraries in applications that accept +untrusted user input, you must run the output through an HTML +sanitizer to protect against +[XSS attacks](http://en.wikipedia.org/wiki/Cross-site_scripting). + Installing ---------- @@ -89,15 +105,6 @@ or `make dingus` will start an interactive dingus you can use to play with the JavaScript implementation: -A note on security ------------------- - -Neither implementation attempts to sanitize link attributes or -raw HTML. If you use these libraries in applications that accept -untrusted user input, you must run the output through an HTML -sanitizer to protect against -[XSS attacks](http://en.wikipedia.org/wiki/Cross-site_scripting). - The spec -------- -- cgit v1.2.3