Aidan Woods
1a47e74be1
Quotes are permitted in escaped body
2018-03-25 19:59:05 +01:00
Aidan Woods
d86d839677
Merge branch 'master' into fix/consistency_follow
2018-03-25 19:37:04 +01:00
Aidan Woods
3fc54bc966
Allow extension to "vouch" for raw HTML they produce
...
Rename "unsafeHtml" to "rawHtml"
2018-03-15 19:46:03 +00:00
Aidan Woods
ef7ed7b66c
Still grab the text if safe mode enabled, but output it escaped
2018-03-15 11:09:55 +00:00
Aidan Woods
e6444bb57e
Add unsafeHtml option for extensions to use on trusted input
2018-03-15 10:48:38 +00:00
Aidan Woods
48a053fe29
Merge pull request #423 from PhrozenByte/bugfix/CommonMarkTest
...
Fix CommonMark test
2018-02-28 17:05:24 +00:00
Emanuil Rusev
6678d59be4
Merge pull request #495 from aidantwoods/anti-xss
...
Prevent various XSS attacks [rebase and update of #276 ]
2018-02-28 13:41:37 +02:00
Daniel Rudolf
03e1a6ac02
Merge branch 'master' into bugfix/CommonMarkTest
...
Conflicts:
.travis.yml
test/CommonMarkTest.php
test/ParsedownTest.php
test/bootstrap.php
2017-11-14 22:09:25 +01:00
Gabriel Caruso
691e36b1f2
Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase
2017-11-11 00:56:03 -02:00
Daniel Berthereau
be963a6531
Added tests for consistency when a markdown follows a markup without blank line.
2017-06-19 00:00:00 +02:00
Aidan Woods
b1e5aebaf6
add single safeMode option that encompasses protection from link destination xss and plain markup based xss into a single on/off switch
2017-05-09 19:22:58 +01:00
Aidan Woods
af04ac92e2
add xss tests
2017-05-01 03:33:49 +01:00
Emanuil Rusev
4367f89a74
attempt to fix failing builds on 5.3
2017-03-29 19:30:24 +03:00
Emanuil Rusev
0a09d5ad45
update tests to reflect changes in phpunit 6.0
2017-03-23 20:21:18 +02:00
Yoan Blanc
bc21988fe5
Fix include from ParsedownTest
...
I wasn't able to run all the tests from ParsedownExtra because of it.
2016-11-02 09:27:35 +01:00
Daniel Rudolf
33a23fbfb2
Refactor PHPUnit bootstrap
...
This allows Parsedown extensions (like Parsedown Extra) to reuse existing Parsedown tests. See erusev/parsedown-extra#96 for details.
2016-09-05 21:10:23 +02:00
Haralan Dobrev
5f40cab3e7
Use late static binding for Parsedown::instance()
...
Fixes erusev/parsedown-extra#67 .
This introduces PHP 5.3+ late static binding to the Singleton pattern in Parsedown.
It will return an instance of Parsedown which inherits the class which
called the `instance()` method rather than always returning instance of just `Parsedown`.
Tests are testing this feature with a test class which inherits from Parsedown.
Notice that calling `instance()` with the default arguments after an instance of
`Parsedown` was already created, it will return it even though it is from just
an instance of `Parsedown`. So this is fixing the problem just partially.
2015-08-13 13:29:33 +03:00
Emanuil Rusev
1aade35c5e
update test
2014-12-15 00:56:22 +02:00
Emanuil Rusev
361febf7c6
improve CommonMark compliance
2014-12-15 00:52:03 +02:00
Emanuil Rusev
094cb88dac
update test
2014-12-02 23:53:19 +02:00
naNuke
74926c9831
Add test of escaped html comment.
2014-10-10 20:07:41 +02:00
Emanuil Rusev
c62365adc4
improve extensibility of test case
2014-09-26 02:06:16 +03:00