1
0
mirror of https://github.com/erusev/parsedown.git synced 2023-08-10 21:13:06 +03:00
Commit Graph

601 Commits

Author SHA1 Message Date
Aidan Woods
6bb66db00f
anti-xss
protect all attributes and content from xss via element method
filter special attributes (a href, img src)
expand url whitelist slightly to permit data images and mailto links
2017-05-01 03:25:07 +01:00
naNuke
b3d45c4bb9 Add html escaping to all attributes capable of holding user input. 2017-05-01 02:00:38 +01:00
naNuke
1d4296f34d Customizable whitelist of schemas for safeLinks 2017-05-01 01:58:34 +01:00
naNuke
bf5105cb1a Improve safeLinks with whitelist. 2017-05-01 01:58:34 +01:00
naNuke
1140613fc7 Prevent various XSS attacks 2017-05-01 01:58:34 +01:00
Emanuil Rusev
4367f89a74 attempt to fix failing builds on 5.3 2017-03-29 19:30:24 +03:00
Emanuil Rusev
1bf24f7334 add kbd to text-level elements 2017-03-29 19:04:15 +03:00
Emanuil Rusev
0a09d5ad45 update tests to reflect changes in phpunit 6.0 2017-03-23 20:21:18 +02:00
Emanuil Rusev
3fc442b078 Merge pull request #484 from hkdobrev/patch-1
Add Symfony demo to "Who uses it?"
2017-03-10 09:41:24 +02:00
Haralan Dobrev
bd0e31a7dd Add Symfony demo to "Who uses it?"
409a65b373/composer.json (L24)
2017-03-10 01:04:53 +02:00
Emanuil Rusev
dfaf03639a Merge pull request #480 from pjona/patch-1
Removed double semicolon
2017-03-08 23:21:03 +02:00
Marek Skiba
7081afe8cb Removed double semicolon 2017-03-02 12:43:51 +01:00
Emanuil Rusev
4b6493999a Merge pull request #465 from aidantwoods/patch-8
Trim surrounding whitespace from URL in inlineLink
2017-01-23 09:45:19 +02:00
Aidan Woods
0172d779d7 Trim surrounding whitespace from URL in inlineLink
Fixes https://github.com/erusev/parsedown-extra/issues/103
2017-01-21 11:06:41 +00:00
Emanuil Rusev
cc5b38ca39 Merge pull request #459 from gene-sis/fix_inlineLink_regex
fix_inlineLink_regex
2017-01-07 16:51:03 +02:00
gene_sis
48351504de adjust two regex pattern within inlineLink() to reduce backtracking
add test with base64 image
2017-01-07 00:45:38 +01:00
Emanuil Rusev
20ff8bbb57 Merge pull request #447 from greut/phpunit-from-extra
Fix include from ParsedownTest
2016-11-02 17:56:58 +02:00
Yoan Blanc
bc21988fe5
Fix include from ParsedownTest
I wasn't able to run all the tests from ParsedownExtra because of it.
2016-11-02 09:27:35 +01:00
Emanuil Rusev
e3c3e28554 Merge pull request #446 from jamesevickery/master
Grammar update
2016-10-25 17:39:55 +03:00
James Vickery
f053740132 Merge pull request #1 from erusev/master
Merge pull request #445 from jamesevickery/master
2016-10-25 15:24:11 +01:00
James Vickery
7a92a31739 Grammar update 2016-10-25 15:22:17 +01:00
Emanuil Rusev
6eca8796fb Merge pull request #445 from jamesevickery/master
Tiny grammar correction
2016-10-25 17:21:57 +03:00
James Vickery
8876c0984e Tiny grammar correction 2016-10-25 15:10:22 +01:00
Daniel Rudolf
ae0211a84c
Travis: Add PHP nightly 2016-10-13 22:17:03 +02:00
Daniel Rudolf
a9f696f7bb
Improve CommonMark spec example regex
CommonMark spec example [#170](http://spec.commonmark.org/0.26/#example-170) has a empty HTML result.
2016-10-13 22:16:46 +02:00
Daniel Rudolf
2423644d72
Move test/CommonMarkTest.php to test/CommonMarkTestStrict.php
Add parameter `$id` to CommonMark tests
2016-10-12 02:02:55 +02:00
Daniel Rudolf
be671e72a3
Don't let Travis skip Parsedown's phpunit tests 2016-10-09 14:21:17 +02:00
Daniel Rudolf
f0587d41a9
Add test/CommonMarkTestWeak.php to .travis.yml
Failing tests don't break builds on purpose, Parsedown doesn't fully comply with the CommonMark specs at the moment. We should switch to test/CommonMarkTest.php later, see #423 for details.
2016-10-09 14:17:03 +02:00
Emanuil Rusev
cbc4b3f612 Merge pull request #436 from grogy/php71
Added PHP version 7.1 for tests
2016-10-09 13:04:16 +03:00
Václav Makeš
0080ef218e Added PHP version 7.1 for tests 2016-10-09 01:58:47 +02:00
Aidan Woods
3aef89b399 Line handler may prevent specified element nesting
Swap `under_scores` for `camelCasing`
2016-10-08 17:54:04 +01:00
Emanuil Rusev
f4e0234af0 Merge pull request #431 from aidantwoods/patch-2
Allow parsedown to specify list start attribute
2016-10-05 22:55:34 +03:00
Aidan Woods
5c22531e4d Allow parsedown to specify list start attribute
Syntax preferences
2016-10-05 18:27:54 +01:00
Aidan Woods
3978e33fd0 Allow parsedown to specify list start attribute
Remove github added tabs on blank lines
2016-10-05 18:17:12 +01:00
Aidan Woods
a37797ef34 Allow parsedown to specify list start attribute
Syntax preferences to match surrounding code
2016-10-05 18:15:47 +01:00
Aidan Woods
e3cd271f16 Allow parsedown to specify list start attribute
Performance: Swap preg_replace for stristr to obtain list start
2016-10-05 15:44:34 +01:00
Aidan Woods
f0b7b61c16 Allow parsedown to specify list start attribute
Should fix compatibility for PHP 5.3
2016-10-05 11:36:27 +01:00
Aidan Woods
ed41fcf3d6 Allow parsedown to specify list start attribute
oops
2016-10-05 10:06:40 +01:00
Aidan Woods
1fa8fae301 Allow parsedown to specify list start attribute
Readability improvements
2016-10-05 10:03:21 +01:00
Aidan Woods
543a6c4175 Line handler may prevent specified element nesting
Check if array is empty to shave some performance hits in the case than no non nestables are present.
2016-10-04 18:59:36 +01:00
Aidan Woods
932bafe0f0 update test for new feature 2016-10-04 17:43:37 +01:00
Aidan Woods
ac857809ab update test for new feature 2016-10-04 17:41:57 +01:00
Aidan Woods
846274996a Update ordered_list.html 2016-10-04 17:28:43 +01:00
Aidan Woods
c145a75848 update test for new feature 2016-10-04 15:44:50 +01:00
Aidan Woods
a81aedeb10 Line handler may prevent specified element nesting
Removed granularity controls – elements are assumed to be non nestable indefinitely once declared.
2016-10-04 15:27:11 +01:00
Aidan Woods
50952b3243 Line handler may prevent specified element nesting
This commit serves to add comments detailing parts of the new functionality, and to adjust syntax preferences to match that of the surrounding document. The commit title also now reflects the most significant change made.
2016-10-02 18:26:13 +01:00
Aidan Woods
4d3600f273 Extend disallowed assertion depth capabilities
I've built on the functionality of feature 1. in the previous commit to allow non nestables to be asserted indefinitely, or to a specified depth.
2016-10-02 17:37:08 +01:00
Aidan Woods
d6d5f53ff4 Fix Issue #358 – preventing double nested links
1. Add the ability for a parsed element to enforce that the line handler not parse any (immediate) child elements of a specified type.
2. Use 1. to allow parsed Url elements to tell the line handler not to parse any child Links or Urls where they are immediate children.
2016-10-01 15:56:14 +01:00
Aidan Woods
f17aa0438a Update Parsedown.php 2016-09-27 02:15:35 +01:00
Aidan Woods
38f4027d5e Update Parsedown.php
Okay, so maybe I should have looked 20 lines or so above where I made the edit in the element function – looks like it already supports adding attributes ;p
Have amended the change to blocklist to use the already existing functionality, and have reverted the change that I made to the element function.
2016-09-27 02:15:09 +01:00