Markdown Viewer - Simple & Secure

Simple, secure local Markdown viewer. XSS-protected, Hot Reload, zero-config. Just works.

A no-nonsense Markdown viewer built for developers who value security and simplicity. WHY THIS EXISTS Browser extensions can be sold, hacked, or suddenly request scary permissions. This viewer was built to avoid extension malware risks with minimal, justified permissions. FEATURES * 6 Clean Themes - Light, Dark, GitHub, Minimal, Solarized Light, Solarized Dark * Hot Reload - Auto-detect file changes (1s~ configurable) * GFM Support - Syntax highlight, Mermaid diagrams, Math equations (MathJax), Table of Contents * Remote URL Support (Optional) - Add custom domains to render remote Markdown files * View Raw Toggle - Switch between rendered and raw Markdown * Frontmatter Support - YAML frontmatter parsing * Zero Config - Install and it just works SECURITY & PRIVACY This extension is designed with security as the top priority. What it does: + Read local Markdown files you open + Store your settings locally + Access remote URLs (only domains you explicitly authorize) What it doesn't: - Collect or track any data - Access websites without your permission - Make network requests without your consent - Use remote code execution All HTML rendering is sanitized with js-xss library to prevent XSS attacks. Content Security Policy (CSP) is configured to block inline scripts. Permissions: - storage: Save your theme and settings - activeTab: Render Markdown in the current tab - scripting: Register content scripts for custom domains - file:///: Access local .md files you open Optional permissions: - https://*/: Only requested when you add custom domains in Settings No scary permissions like <all_urls> or webRequest. 100% open source and auditable: https://github.com/ba0918/markdown-viewer USAGE 1. Enable "Allow access to file URLs" in chrome://extensions 2. Open .md file in Chrome 3. Done Settings: Click toolbar icon to change theme, configure Hot Reload, or add remote domains. FAQ Q: Does it work with WSL2 files? A: Rendering works fine. Hot Reload doesn't work due to Chrome extension restrictions. Q: Remote Markdown files (GitHub Raw, Gist, etc.)? A: Supported! Go to Settings > Remote URL and add your trusted domains. The extension only accesses domains you explicitly authorize. Built by a developer tired of trusting strangers with file system access.