Aidan Woods
9b7b7348b4
Merge pull request #598 from aidantwoods/enhancement/set-literal-breaks
...
Add literalBreaks support
2018-04-06 15:06:45 +01:00
Aidan Woods
38ea813b0e
Add failing test case
2018-04-05 16:54:35 +01:00
Aidan Woods
24e48e91c8
Add literalBreaks support
...
Line breaks will be converted to <br />
2018-04-05 01:01:52 +01:00
Aidan Woods
772c919b05
Fix bug where empty atx headings would not be recognised (CommonMark)
...
Fixes #595
2018-04-02 17:18:01 +01:00
Aidan Woods
cf6d23de55
Rename hashtags enabled to strict mode
...
We can use this to seperate any intentional spec deviations from
spec behaviour so users can pick between compatability and spec
implementations
2018-04-02 17:18:01 +01:00
Nathan Baulch
d0279cdd3b
Enable #hashtag support via setting
2018-04-02 17:18:01 +01:00
Nathan Baulch
8a90586218
Support #hashtag per CommonMark and GFM specs
2018-04-02 17:18:00 +01:00
Aidan Woods
ce073c9baa
Merge pull request #576 from aidantwoods/enhancement/moar-ast
...
Produce AST prior to render
2018-03-31 23:11:45 +01:00
Aidan Woods
20e592359f
Add failing test case
2018-03-30 19:22:13 +01:00
Aidan Woods
a3e02c1d0e
Add failing test case
2018-03-28 15:37:47 +01:00
Aidan Woods
07216480db
Change test to comply with CommonMark
2018-03-28 03:26:45 +01:00
Aidan Woods
caea783006
Add failing test case
2018-03-28 03:24:01 +01:00
Aidan Woods
d849d64611
Merge pull request #584 from aidantwoods/fix/tables
...
Permit 1 column tables with less delimiters
2018-03-27 23:18:41 +01:00
Aidan Woods
00e51ee424
Permit 1 column tables with less delimiters
2018-03-27 23:12:51 +01:00
Aidan Woods
1c52cb6b5e
Add failing test cases
2018-03-27 22:01:32 +01:00
Aidan Woods
ae13290221
Merge pull request #574 from aidantwoods/fix/remove-legacy-escaping
...
Remove legacy escaping
2018-03-27 13:18:30 +01:00
Aidan Woods
f594d4c18b
Add more tests for CommonMark compliance
2018-03-27 11:20:04 +01:00
Aidan Woods
21cdd8a0b3
Merge branch 'master' into patch-4
2018-03-27 11:13:06 +01:00
Aidan Woods
cac63f6fcb
Merge pull request #578 from aidantwoods/fix/setext-heading-spaces
...
Fix setext heading space handling
2018-03-25 23:08:31 +01:00
Aidan Woods
913e04782f
Add failing test cases to be fixed
2018-03-25 22:50:16 +01:00
Aidan Woods
1a47e74be1
Quotes are permitted in escaped body
2018-03-25 19:59:05 +01:00
Aidan Woods
d86d839677
Merge branch 'master' into fix/consistency_follow
2018-03-25 19:37:04 +01:00
Aidan Woods
098f24d189
Seperate handler delegation from AST
...
This also splits 'text' into 'text', 'elements', and
'element' to hopefully better communicate structure
2018-03-21 02:32:01 +00:00
Aidan Woods
624a08b7eb
Update commment
2018-03-15 19:55:33 +00:00
Aidan Woods
3fc54bc966
Allow extension to "vouch" for raw HTML they produce
...
Rename "unsafeHtml" to "rawHtml"
2018-03-15 19:46:03 +00:00
Aidan Woods
ef7ed7b66c
Still grab the text if safe mode enabled, but output it escaped
2018-03-15 11:09:55 +00:00
Aidan Woods
e4c5be026d
Further attempt to dissuade this feature's use
2018-03-15 11:00:03 +00:00
Aidan Woods
e6444bb57e
Add unsafeHtml option for extensions to use on trusted input
2018-03-15 10:48:38 +00:00
Aidan Woods
f70d96479a
Add test case for email surrounded by tags
2018-03-09 16:48:32 +00:00
Hari KT
e2f3961f80
Add test case to make sure issue 232 no longer exists
2018-02-28 23:25:38 +05:30
Aidan Woods
e941dcc3f0
Merge pull request #525 from aidantwoods/fix/infostring
...
Properly support fenced code block infostring
2018-02-28 17:06:25 +00:00
Aidan Woods
48a053fe29
Merge pull request #423 from PhrozenByte/bugfix/CommonMarkTest
...
Fix CommonMark test
2018-02-28 17:05:24 +00:00
Aidan Woods
5057e505d8
Merge pull request #475 from aidantwoods/loose-lists
...
Loose lists
2018-02-28 17:05:00 +00:00
Emanuil Rusev
6678d59be4
Merge pull request #495 from aidantwoods/anti-xss
...
Prevent various XSS attacks [rebase and update of #276 ]
2018-02-28 13:41:37 +02:00
Aidan Woods
722b776684
Test multiple multiline lists
2018-01-29 14:38:19 +01:00
Aidan Woods
7fd92a8fbd
update tests
2018-01-29 14:38:19 +01:00
Daniel Rudolf
03e1a6ac02
Merge branch 'master' into bugfix/CommonMarkTest
...
Conflicts:
.travis.yml
test/CommonMarkTest.php
test/ParsedownTest.php
test/bootstrap.php
2017-11-14 22:09:25 +01:00
Gabriel Caruso
691e36b1f2
Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase
2017-11-11 00:56:03 -02:00
Aidan Woods
4404201175
Properly support fenced code block infostring
...
Reference: http://spec.commonmark.org/0.28/#info-string
2017-08-20 10:28:46 +01:00
Daniel Berthereau
47e4163a68
Merge branch 'htmlblocks' of https://github.com/aidantwoods/parsedown into aidantwoods-htmlblocks
2017-06-23 00:00:00 +02:00
Aidan Woods
c05bff047a
correct test to match CommonMark specified input for output
2017-06-22 00:03:12 +01:00
Daniel Berthereau
129f807e32
Inverted checks of consistency for markdown following markups.
2017-06-22 00:00:00 +02:00
Daniel Berthereau
be963a6531
Added tests for consistency when a markdown follows a markup without blank line.
2017-06-19 00:00:00 +02:00
Aidan Woods
67c3efbea0
according to https://tools.ietf.org/html/rfc3986#section-3 the colon is a required part of the syntax, other methods of achieving the colon character (as to browser interpretation) should be taken care of by htmlencoding that is done on all attribute content
2017-05-10 16:57:18 +01:00
Aidan Woods
b1e5aebaf6
add single safeMode option that encompasses protection from link destination xss and plain markup based xss into a single on/off switch
2017-05-09 19:22:58 +01:00
Aidan Woods
054ba3c487
urlencode urls that are potentially unsafe:
...
this should break urls that attempt to include a protocol, or port (these are absolute URLs and should have a whitelisted protocol for use)
but URLs that are relative, or relative from the site root should be preserved (though characters non essential for the URL structure may be urlencoded)
this approach has significant advantages over attempting to locate something like `javascript:alert(1)` or `javascript:alert(1)` (which are both valid) because browsers have been known to ignore ridiculous characters when encountered (meaning something like `jav\ta\0\0script:alert(1)` would be xss :( ). Instead of trying to chase down a way to interpret a URL to decide whether there is a protocol, this approach ensures that two essential characters needed to achieve a colon are encoded `:` (obviously) and `;` (from `:`). If these characters appear in a relative URL then they are equivalent to their URL encoded form and so this change will be non breaking for that case.
2017-05-03 17:01:27 +01:00
Aidan Woods
af04ac92e2
add xss tests
2017-05-01 03:33:49 +01:00
Aidan Woods
1d0af35f10
update test to result generated by CommonMark reference parser
2017-03-29 18:26:07 +01:00
Emanuil Rusev
4367f89a74
attempt to fix failing builds on 5.3
2017-03-29 19:30:24 +03:00
Emanuil Rusev
0a09d5ad45
update tests to reflect changes in phpunit 6.0
2017-03-23 20:21:18 +02:00