From c2d6605ac801c420d6af3ff2e5a720a0430e1130 Mon Sep 17 00:00:00 2001 From: ARCANEDEV Date: Mon, 20 Mar 2017 19:49:34 +0000 Subject: [PATCH 1/2] Allowing to escape html markups --- config/markdown.php | 9 +++++++++ src/MarkdownParser.php | 1 + tests/MarkdownParserTest.php | 16 ++++++++++++++++ 3 files changed, 26 insertions(+) diff --git a/config/markdown.php b/config/markdown.php index a76bd9f..4216e29 100644 --- a/config/markdown.php +++ b/config/markdown.php @@ -1,6 +1,7 @@ true, + + /* ----------------------------------------------------------------- + | Escape Markups + | ----------------------------------------------------------------- + | Allowing or not to escape the HTML markups. + */ + 'markups' => true, + ]; diff --git a/src/MarkdownParser.php b/src/MarkdownParser.php index 3d29a21..d142de9 100644 --- a/src/MarkdownParser.php +++ b/src/MarkdownParser.php @@ -58,6 +58,7 @@ public function __construct(Parsedown $parser) public function parse($content) { $this->parser->setUrlsLinked(config('markdown.urls', true)); + $this->parser->setMarkupEscaped(config('markdown.markups', true)); if (config('markdown.xss', true)) { $content = preg_replace('/(\[.*\])\(javascript:.*\)/', '$1(#)', $content); diff --git a/tests/MarkdownParserTest.php b/tests/MarkdownParserTest.php index 9ded0d0..4344a0e 100644 --- a/tests/MarkdownParserTest.php +++ b/tests/MarkdownParserTest.php @@ -102,6 +102,22 @@ public function it_can_clean_xss() ); } + /** @test */ + public function it_can_escape_markups() + { + $this->assertEquals( + '
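Review bot: The comment on the new `markups` entry in config/markdown.php does not say which value is the safe one; "Allowing or not to escape the HTML markups" leaves open whether `true` escapes raw HTML or lets it through. Because the value is passed straight to `setMarkupEscaped()` in src/MarkdownParser.php, `true` means "escape", and the comment should say so, for example `| When true, raw HTML in the Markdown source is escaped instead of rendered. Set to false only for content you trust.` A key name such as `escape_markups` would also read less ambiguously, though that is a naming preference.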
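Review bot: In `parse()`, setting `markdown.markups` to false switches HTML escaping off even while `markdown.xss` stays true, and the `preg_replace` on the context line below the added call only rewrites `javascript:` link targets, so raw script or event-handler markup in the input would be rendered as written. The second assertion added in tests/MarkdownParserTest.php appears to pin exactly that pass-through output. If `xss` is meant to be the protective switch, consider keeping escaping on whenever it is enabled, e.g. `$this->parser->setMarkupEscaped(config('markdown.xss', true) || config('markdown.markups', true));` (the new test would then have to disable `markdown.xss` as well). Otherwise, say in the docblock of `parse()` that the output must not be used for untrusted input once `markups` is false. The body of `parse()` continues outside the hunk.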

<b>This is a script</b><script>alert(\'hello\');</script>

', + $this->parser->parse("This is a script") + ); + + $this->app['config']->set('markdown.markups', false); + + $this->assertEquals( + '

This is a script

', + $this->parser->parse("This is a script") + ); + } + /** @test */ public function it_can_autolink_the_urls() { From 3168e597c216ac6e1de681b469874cd985428c88 Mon Sep 17 00:00:00 2001 From: ARCANEDEV Date: Mon, 20 Mar 2017 19:49:42 +0000 Subject: [PATCH 2/2] update docs --- _docs/1-Installation-and-Setup.md | 1 - 1 file changed, 1 deletion(-) diff --git a/_docs/1-Installation-and-Setup.md b/_docs/1-Installation-and-Setup.md index c5bb1db..e38cd22 100644 --- a/_docs/1-Installation-and-Setup.md +++ b/_docs/1-Installation-and-Setup.md @@ -22,7 +22,6 @@ The Laravel Markdown package has a few system requirements: [laravel_markdown_1_1_x]: https://img.shields.io/badge/version-1.1.*-blue.svg?style=flat-square "Laravel Markdown v1.1.*" [laravel_markdown_1_2_x]: https://img.shields.io/badge/version-1.2.*-blue.svg?style=flat-square "Laravel Markdown v1.2.*" - ## Composer You can install this package via [Composer](http://getcomposer.org/) by running this command: `composer require arcanedev/laravel-markdown`.
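Review bot: `it_can_escape_markups` seems to cover only inline HTML inside a single paragraph, and it checks both modes in one method by changing `markdown.markups` midway through. The literal tags in the input and expected strings are not fully visible on this page, so this reading rests on the paragraph-wrapped shape of the expectations. A case with block-level HTML on its own line would exercise the other place where Parsedown applies the escape flag. Moving the disabled case into its own method, e.g. `it_can_render_raw_markups_when_escaping_is_disabled`, would make a failure point at the mode that broke.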