diff options
| author | John MacFarlane <jgm@berkeley.edu> | 2015-07-13 09:21:35 -0700 |
|---|---|---|
| committer | John MacFarlane <jgm@berkeley.edu> | 2015-07-13 10:15:55 -0700 |
| commit | ac39623d667999cfae1444b46508a9a423b0df1b (patch) | |
| tree | 40579cea4365b373fdc2831c2e43c2288671d028 /src/scanners.h | |
| parent | 6dcd2beafdfbc9f694916bcdfa822b896aa44177 (diff) | |
Added `CMARK_OPT_SAFE` option and `--safe` command-line flag.
* Added `CMARK_OPT_SAFE`. This option disables rendering of raw HTML
and potentially dangerous links.
* Added `--safe` option in command-line program.
* Updated `cmark.3` man page.
* Added `scan_dangerous_url` to scanners.
* In HTML, suppress rendering of raw HTML and potentially dangerous
links if `CMARK_OPT_SAFE`. Dangerous URLs are those that begin
with `javascript:`, `vbscript:`, `file:`, or `data:` (except for
`image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types).
* Added `api_test` for `OPT_CMARK_SAFE`.
* Rewrote `README.md` on security.
Diffstat (limited to 'src/scanners.h')
| -rw-r--r-- | src/scanners.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/scanners.h b/src/scanners.h index db8eeb8..a6a71bf 100644 --- a/src/scanners.h +++ b/src/scanners.h @@ -26,6 +26,7 @@ bufsize_t _scan_hrule(const unsigned char *p); bufsize_t _scan_open_code_fence(const unsigned char *p); bufsize_t _scan_close_code_fence(const unsigned char *p); bufsize_t _scan_entity(const unsigned char *p); +bufsize_t _scan_dangerous_url(const unsigned char *p); #define scan_scheme(c, n) _scan_at(&_scan_scheme, c, n) #define scan_autolink_uri(c, n) _scan_at(&_scan_autolink_uri, c, n) @@ -47,6 +48,7 @@ bufsize_t _scan_entity(const unsigned char *p); #define scan_open_code_fence(c, n) _scan_at(&_scan_open_code_fence, c, n) #define scan_close_code_fence(c, n) _scan_at(&_scan_close_code_fence, c, n) #define scan_entity(c, n) _scan_at(&_scan_entity, c, n) +#define scan_dangerous_url(c, n) _scan_at(&_scan_dangerous_url, c, n) #ifdef __cplusplus } |