Increment version for release

Merge pull request #745 from aidantwoods/dev-1.7.x/opt-in-rawHtml
Opt in raw html
2023-08-10 21:13:06 +03:00 · 2019-12-30 22:54:17 +00:00 · 2019-12-30 22:51:57 +00:00 · 2019-12-30 22:47:43 +00:00 · 2019-12-30 22:37:17 +00:00 · 2019-12-30 22:37:17 +00:00
6 changed files with 124 additions and 9 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -12,13 +12,13 @@ matrix:
    - php: 5.6
    - php: 7.0
    - php: 7.1
    - php: 7.2
    - php: 7.3
    - php: 7.4
    - php: nightly
    - php: hhvm
    - php: hhvm-nightly
  fast_finish: true
  allow_failures:
    - php: nightly
    - php: hhvm-nightly
 install:
  - composer install --prefer-dist --no-interaction --no-progress
--- a/Parsedown.php
+++ b/Parsedown.php
@ -17,7 +17,7 @@ class Parsedown
 {
    # ~
-    const version = '1.7.1';
+    const version = '1.7.4';
    # ~
@ -429,7 +429,21 @@ class Parsedown
            if (isset($matches[1]))
            {
-                $class = 'language-'.$matches[1];
+                /**
                 * https://www.w3.org/TR/2011/WD-html5-20110525/elements.html#classes
                 * Every HTML element may have a class attribute specified.
                 * The attribute, if specified, must have a value that is a set
                 * of space-separated tokens representing the various classes
                 * that the element belongs to.
                 * [...]
                 * The space characters, for the purposes of this specification,
                 * are U+0020 SPACE, U+0009 CHARACTER TABULATION (tab),
                 * U+000A LINE FEED (LF), U+000C FORM FEED (FF), and
                 * U+000D CARRIAGE RETURN (CR).
                 */
                $language = substr($matches[1], 0, strcspn($matches[1], " \t\n\f\r"));
                $class = 'language-'.$language;
                $Element['attributes'] = array(
                    'class' => $class,
@ -1475,7 +1489,22 @@ class Parsedown
            }
        }
        $permitRawHtml = false;
        if (isset($Element['text']))
        {
            $text = $Element['text'];
        }
        // very strongly consider an alternative if you're writing an
        // extension
        elseif (isset($Element['rawHtml']))
        {
            $text = $Element['rawHtml'];
            $allowRawHtmlInSafeMode = isset($Element['allowRawHtmlInSafeMode']) && $Element['allowRawHtmlInSafeMode'];
            $permitRawHtml = !$this->safeMode || $allowRawHtmlInSafeMode;
        }
        if (isset($text))
        {
            $markup .= '>';
@ -1486,11 +1515,15 @@ class Parsedown
            if (isset($Element['handler']))
            {
-                $markup .= $this->{$Element['handler']}($Element['text'], $Element['nonNestables']);
+                $markup .= $this->{$Element['handler']}($text, $Element['nonNestables']);
            }
            elseif (!$permitRawHtml)
            {
                $markup .= self::escape($text, true);
            }
            else
            {
-                $markup .= self::escape($Element['text'], true);
+                $markup .= $text;
            }
            $markup .= '</'.$Element['name'].'>';
--- a/test/ParsedownTest.php
+++ b/test/ParsedownTest.php
@ -1,5 +1,7 @@
 <?php
 require 'SampleExtensions.php';
 use PHPUnit\Framework\TestCase;
 class ParsedownTest extends TestCase
@ -55,6 +57,40 @@ class ParsedownTest extends TestCase
        $this->assertEquals($expectedMarkup, $actualMarkup);
    }
    function testRawHtml()
    {
        $markdown = "```php\nfoobar\n```";
        $expectedMarkup = '<pre><code class="language-php"><p>foobar</p></code></pre>';
        $expectedSafeMarkup = '<pre><code class="language-php">&lt;p&gt;foobar&lt;/p&gt;</code></pre>';
        $unsafeExtension = new UnsafeExtension;
        $actualMarkup = $unsafeExtension->text($markdown);
        $this->assertEquals($expectedMarkup, $actualMarkup);
        $unsafeExtension->setSafeMode(true);
        $actualSafeMarkup = $unsafeExtension->text($markdown);
        $this->assertEquals($expectedSafeMarkup, $actualSafeMarkup);
    }
    function testTrustDelegatedRawHtml()
    {
        $markdown = "```php\nfoobar\n```";
        $expectedMarkup = '<pre><code class="language-php"><p>foobar</p></code></pre>';
        $expectedSafeMarkup = $expectedMarkup;
        $unsafeExtension = new TrustDelegatedExtension;
        $actualMarkup = $unsafeExtension->text($markdown);
        $this->assertEquals($expectedMarkup, $actualMarkup);
        $unsafeExtension->setSafeMode(true);
        $actualSafeMarkup = $unsafeExtension->text($markdown);
        $this->assertEquals($expectedSafeMarkup, $actualSafeMarkup);
    }
    function data()
    {
        $data = array();
--- a/test/SampleExtensions.php
+++ b/test/SampleExtensions.php
@ -0,0 +1,39 @@
 <?php
 class UnsafeExtension extends Parsedown
 {
    protected function blockFencedCodeComplete($Block)
    {
        $text = $Block['element']['text']['text'];
        unset($Block['element']['text']['text']);
        // WARNING: There is almost always a better way of doing things!
        //
        // This example is one of them, unsafe behaviour is NOT needed here.
        // Only use this if you trust the input and have no idea what
        // the output HTML will look like (e.g. using an external parser).
        $Block['element']['text']['rawHtml'] = "<p>$text</p>";
        return $Block;
    }
 }
 class TrustDelegatedExtension extends Parsedown
 {
    protected function blockFencedCodeComplete($Block)
    {
        $text = $Block['element']['text']['text'];
        unset($Block['element']['text']['text']);
        // WARNING: There is almost always a better way of doing things!
        //
        // This behaviour is NOT needed in the demonstrated case.
        // Only use this if you are sure that the result being added into
        // rawHtml is safe.
        // (e.g. using an external parser with escaping capabilities).
        $Block['element']['text']['rawHtml'] = "<p>$text</p>";
        $Block['element']['text']['allowRawHtmlInSafeMode'] = true;
        return $Block;
    }
 }
--- a/test/data/fenced_code_block.html
+++ b/test/data/fenced_code_block.html
@ -9,3 +9,5 @@ echo $message;</code></pre>
 echo "Hello World";
 ?&gt;
 &lt;a href="http://auraphp.com" &gt;Aura Project&lt;/a&gt;</code></pre>
 <pre><code class="language-php">&lt;?php
 echo "Hello World";</code></pre>
--- a/test/data/fenced_code_block.md
+++ b/test/data/fenced_code_block.md
@ -23,3 +23,8 @@ echo "Hello World";
 ?>
 <a href="http://auraphp.com" >Aura Project</a>
 ```
 ```php some-class
 <?php
 echo "Hello World";
 ```
Author	SHA1	Message	Date
Aidan Woods	cb17b6477d	Increment version for release	2019-12-30 22:54:17 +00:00
Aidan Woods	21f99b156a	Merge pull request #745 from aidantwoods/dev-1.7.x/opt-in-rawHtml Opt in raw html	2019-12-30 22:51:57 +00:00
Aidan Woods	791faca8af	Test on 7.4	2019-12-30 22:47:43 +00:00
Aidan Woods	add8d18c80	Add rawHtml without using it (extensions may opt-in)	2019-12-30 22:37:17 +00:00
Aidan Woods	7073ac3ed1	Dev for 1.7.4	2019-12-30 22:37:17 +00:00
Aidan Woods	3d2b25b79d	Add test to prevent regression	2019-04-10 21:49:32 +01:00
Aidan Woods	6d89393817	New release due to mislabeled previous tag	2019-03-17 18:48:37 +00:00
Aidan Woods	d60bcdc469	Bump version	2019-03-17 17:19:46 +00:00
Aidan Woods	c390a9e406	Merge pull request #700 from aidantwoods/fix/spaces-in-class-names-1.7.x [1.7.x] Fix spaces in class names	2019-03-17 17:14:45 +00:00
Aidan Woods	0f1e9da8f4	Fix test platforms	2019-03-17 17:05:15 +00:00
Aidan Woods	bc003952fc	[1.7.x] Fix spaces in class names	2019-03-17 16:49:45 +00:00