Custom URL-Schemas for Markdown

tokarchuk/v1.17
Kim "BKC" Carlbäcker 9 years ago
parent ab0ba4bbae
commit 3a9fd81f59
  1. 12
      modules/base/markdown.go
  2. 1
      modules/base/tool.go
  3. 1
      modules/setting/setting.go
  4. 2
      modules/template/template.go

@ -29,16 +29,10 @@ func isalnum(c byte) bool {
return (c >= '0' && c <= '9') || isletter(c) return (c >= '0' && c <= '9') || isletter(c)
} }
var validLinks = [][]byte{[]byte("http://"), []byte("https://"), []byte("ftp://"), []byte("mailto://")} var validLinksPattern = regexp.MustCompile(`^[a-z][\w-]+://`)
func isLink(link []byte) bool { func isLink(link []byte) bool {
for _, prefix := range validLinks { return validLinksPattern.Match(link)
if len(link) > len(prefix) && bytes.Equal(bytes.ToLower(link[:len(prefix)]), prefix) && isalnum(link[len(prefix)]) {
return true
}
}
return false
} }
func IsMarkdownFile(name string) bool { func IsMarkdownFile(name string) bool {
@ -346,7 +340,7 @@ OUTER_LOOP:
func RenderMarkdown(rawBytes []byte, urlPrefix string, metas map[string]string) []byte { func RenderMarkdown(rawBytes []byte, urlPrefix string, metas map[string]string) []byte {
result := RenderRawMarkdown(rawBytes, urlPrefix) result := RenderRawMarkdown(rawBytes, urlPrefix)
result = PostProcessMarkdown(result, urlPrefix, metas) result = PostProcessMarkdown(result, urlPrefix, metas)
result = Sanitizer.SanitizeBytes(result) result = BuildSanitizer().SanitizeBytes(result)
return result return result
} }

@ -37,6 +37,7 @@ func BuildSanitizer() (p *bluemonday.Policy) {
p.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input") p.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input")
p.AllowAttrs("checked", "disabled").OnElements("input") p.AllowAttrs("checked", "disabled").OnElements("input")
p.AllowURLSchemes(setting.Markdown.CustomURLSchemes...)
return p return p
} }

@ -117,6 +117,7 @@ var (
// Markdown sttings // Markdown sttings
Markdown struct { Markdown struct {
EnableHardLineBreak bool EnableHardLineBreak bool
CustomURLSchemes []string `ini:"CUSTOM_URL_SCHEMES"`
} }
// Picture settings // Picture settings

@ -105,7 +105,7 @@ func Safe(raw string) template.HTML {
} }
func Str2html(raw string) template.HTML { func Str2html(raw string) template.HTML {
return template.HTML(base.Sanitizer.Sanitize(raw)) return template.HTML(base.BuildSanitizer().Sanitize(raw))
} }
func Range(l int) []int { func Range(l int) []int {

Loading…
Cancel
Save