From 408067b893f8e7668050fd9d8ca0ab4165aa5263 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 30 Aug 2010 14:21:50 -0400 Subject: [PATCH] response --- doc/todo/Add_nicer_math_formatting.mdwn | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/doc/todo/Add_nicer_math_formatting.mdwn b/doc/todo/Add_nicer_math_formatting.mdwn index 041eaee11..6e082c102 100644 --- a/doc/todo/Add_nicer_math_formatting.mdwn +++ b/doc/todo/Add_nicer_math_formatting.mdwn @@ -1,5 +1,24 @@ -It would be nice to add nicer math formatting. I currently use the [[plugins/teximg]] plugin, but I wonder if [jsMath](http://www.math.union.edu/~dpvc/jsMath/) wouldn't be a better option. +It would be nice to add nicer math formatting. I currently use the +[[plugins/teximg]] plugin, but I wonder if +[jsMath](http://www.math.union.edu/~dpvc/jsMath/) wouldn't be a better option. [[Will]] +> I've looked at jsmath (which is nicely packaged in Debian), and +> I agree that this is nicer than TeX images. That text-mode browsers +> get to see LaTeX as a fallback is actually a nice feature (better +> than nothing, right? :) That browsers w/o javascript will not be able to +> see the math either is probably ok. +> +> A plugin would probably be a pretty trivial thing to write. +> It just needs to include the javascript files, +> and slap a `
avound the user's code`, then +> call `jsMath.Process(document);` at the end of the page. +> +> My only concern is security: Has jsMath's parser been written +> to be safe when processing untrusted input? Could a user abuse the +> parser to cause it to emit/run arbitrary javascript code? +> I've posted a question about this to its forum: --[[Joey]] +> + [[!tag wishlist]] -- 2.32.0.93.g670b81a890