Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Markdown: Sanitizier Configuration #9075

Merged
merged 7 commits into from
Dec 7, 2019
Merged

Markdown: Sanitizier Configuration #9075

merged 7 commits into from
Dec 7, 2019

Commits on Dec 6, 2019

  1. Support custom sanitization policy 

    Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: go-gitea#9054

Signed-off-by: Alexander Scheel <[email protected]>
    @cipherboy
    cipherboy committed Dec 6, 2019
    Configuration menu
    Copy the full SHA
    9025a69 View commit details
    Browse the repository at this point in the history

  2. Document new sanitization configuration 

     - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.

Signed-off-by: Alexander Scheel <[email protected]>
    @cipherboy
    cipherboy committed Dec 6, 2019
    Configuration menu
    Copy the full SHA
    5353d15 View commit details
    Browse the repository at this point in the history

  3. Drop extraneous length check in newMarkupSanitizer(...) 

    Signed-off-by: Alexander Scheel <[email protected]>
    @cipherboy
    cipherboy committed Dec 6, 2019
    Configuration menu
    Copy the full SHA
    e582133 View commit details
    Browse the repository at this point in the history

  4. Fix plural ELEMENT and ALLOW_ATTR in docs 

    These were left over from their initial names. Make them singular to
conform with the current expectations.

Signed-off-by: Alexander Scheel <[email protected]>
    @cipherboy
    cipherboy committed Dec 6, 2019
    Configuration menu
    Copy the full SHA
    45963fc View commit details
    Browse the repository at this point in the history

Commits on Dec 7, 2019

  1. Merge branch 'master' into markdown-sanitizer-config

    @techknowlogick
    techknowlogick authored Dec 7, 2019
    Configuration menu
    Copy the full SHA
    5ecdfa5 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'master' into markdown-sanitizer-config

    @techknowlogick
    techknowlogick authored Dec 7, 2019
    Configuration menu
    Copy the full SHA
    a641266 View commit details
    Browse the repository at this point in the history

  3. Merge branch 'master' into markdown-sanitizer-config

    @techknowlogick
    techknowlogick authored Dec 7, 2019
    Configuration menu
    Copy the full SHA
    314330b View commit details
    Browse the repository at this point in the history