Age | Commit message (Collapse) | Author |
|
|
|
* Added `CMARK_OPT_SAFE`. This option disables rendering of raw HTML
and potentially dangerous links.
* Added `--safe` option in command-line program.
* Updated `cmark.3` man page.
* Added `scan_dangerous_url` to scanners.
* In HTML, suppress rendering of raw HTML and potentially dangerous
links if `CMARK_OPT_SAFE`. Dangerous URLs are those that begin
with `javascript:`, `vbscript:`, `file:`, or `data:` (except for
`image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types).
* Added `api_test` for `OPT_CMARK_SAFE`.
* Rewrote `README.md` on security.
|
|
See jgm/commonmark.js#54.
|
|
|
|
|
|
There are probably a couple of places I missed. But this will only
be a problem if we use a 64-bit bufsize_t at some point. Then, we'll
get warnings from -Wshorten-64-to-32.
|
|
|
|
|
|
For consistency with the API.
|
|
|
|
This allows backslash escapes to disable smart quote
transformations in particular cases.
Closes #8.
|
|
Also fixed some bugs in earlier smart handling. Now handles
UTF-8.
|
|
|
|
All tests now pass.
|
|
So far this is only implemented for the HTML renderer.
Ultimately some of this should be factored out into a form that
can be used in other renderers.
|
|
|
|
|
|
|
|
To keep the API simple and avoid API changes when new options are
added, this is just a long integer.
Set it by disjoining options that are defined as powers of 2: e.g.
`CMARK_HTML_SOURCEPOS | CMARK_HTML_HARDREAKS`.
Test options using `&`: `if (options & CMARK_HTML_SOURCEPOS)`.
Added `--hardbreaks` and `--sourcepos` command-line options.
|
|
|
|
In the last few commits we were using as.code.fenced and as.literal at
the same time for NODE_CODE_BLOCK, which obviously led to problems.
|
|
|
|
Reverts 225d720.
|
|
|
|
This is for consistency with the other types of nodes that have
literal strings as contents.
|
|
For completeness.
|
|
|
|
* Added `iterator.c`, `iterator.h`.
* Removed `cmark_walk`.
* Replaced `cmark_walk` with iterator in HTML renderer.
* Replaced API test for `cmark_walk` with simple iterator test.
|
|
Added cmark_event_type enum, which is used as the second
parameter of the handler passed to cmark_walk.
See #224.
|
|
Modified finalize in blocks.c to return parent of finalized
block, so we can handle the case of reference definitions,
when we simply remove the finalized block.
|
|
This reverts commit b598b52a4acdc2332be3d34e30237d1b93b7dd03.
The change led to some problems, because some of the callers
of 'finalize' expected the node to exist after the call.
This could all be rewritten, but for now let's just revert.
|
|
There's no reason to store these empty nodes in the API.
The references have already been resolved.
|
|
This version is shorter, more readable, and more regular.
It should serve as a template for creating new writers.
Performance is the same. All tests pass.
|
|
The separate directory presents problems for some simple
extension building systems, like luarocks.
|
|
|
|
|
|
|