| Age | Commit message (Collapse) | Author |
|---|
|
Removes CMARK_OPT_SAFE from options.
Adds CMARK_OPT_UNSAFE, with the opposite meaning.
The new default behavior is to suppress raw HTML and
potentially dangerous links. The CMARK_OPT_UNSAFE
option has to be set explicitly to prevent this.
--------------------------------------------------------
NOTE: This change will require modifications in
bindings for cmark and in most libraries and programs
that use cmark.
--------------------------------------------------------
Closes #239, #273.
Borrows heavily from @kivikakk's patch in github/cmark-gfm#123.
|
|
|
|
|
|
They're not supported by MSVC.
|
|
Newer MSVC versions support enough of C99 to be able to compile cmark
in plain C mode. Only the "inline" keyword is still unsupported.
We have to use "__inline" instead.
|
|
|
|
It's sufficient to check that the info string is empty.
Indeed, those who use the API may well create a code block
with an info string without explicitly setting 'fenced'.
|
|
API change. Sorry, but this is the time to break things,
before 1.0 is released. This matches the recent changes to
CommonMark.dtd.
|
|
CMARK_NODE_HRULE -> CMARK_NODE_THEMATIC_BREAK.
However we've defined the former as the latter to keep
backwards compatibility.
See jgm/CommonMark 8fa94cb460f5e516b0e57adca33f50a669d51f6c
|
|
Defined CMARK_NODE_HEADER to CMARK_NODE_HEADING to ease
the transition.
|
|
See jgm/CommonMark commit 0cdbcee4e840abd0ac7db93797b2b75ca4104314
Note that we have defined
cmark_node_get_header_level = cmark_node_get_heading_level
and
cmark_node_set_header_level = camrk_node_set_heading_level
for backwards compatibility in the API.
|
|
|
|
Instead of using their `as.literal` content, we now
give each custom node *two* literal fields, one to
be printed on entering the node (before rendering
the children, if any), the other on exiting (after
rendering children).
This gives us the flexibility to have custom nodes
with children.
|
|
|
|
These are passed through verbatim by all writers, with no
escaping.
They are never generated by the parser, and do not correspond
to CommonMark elements. They are designed to be inserted by
filters that postprocess the AST. For example, a filter might
convert specially marked code blocks to svg diagrams in HTML
and tikz diagrams in LaTeX, passing these through to the renderer
as a RAW_BLOCK.
|
|
|
|
|
|
* Reformatted all source files.
* Added 'format' target to Makefile.
* Removed 'astyle' target.
* Updated .editorconfig.
|
|
|
|
|
|
* Added `CMARK_OPT_SAFE`. This option disables rendering of raw HTML
and potentially dangerous links.
* Added `--safe` option in command-line program.
* Updated `cmark.3` man page.
* Added `scan_dangerous_url` to scanners.
* In HTML, suppress rendering of raw HTML and potentially dangerous
links if `CMARK_OPT_SAFE`. Dangerous URLs are those that begin
with `javascript:`, `vbscript:`, `file:`, or `data:` (except for
`image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types).
* Added `api_test` for `OPT_CMARK_SAFE`.
* Rewrote `README.md` on security.
|
|
See jgm/commonmark.js#54.
|
|
|
|
|
|
There are probably a couple of places I missed. But this will only
be a problem if we use a 64-bit bufsize_t at some point. Then, we'll
get warnings from -Wshorten-64-to-32.
|
|
|
|
|
|
For consistency with the API.
|
|
|
|
This allows backslash escapes to disable smart quote
transformations in particular cases.
Closes #8.
|
|
Also fixed some bugs in earlier smart handling. Now handles
UTF-8.
|
|
|
|
All tests now pass.
|
|
So far this is only implemented for the HTML renderer.
Ultimately some of this should be factored out into a form that
can be used in other renderers.
|
|
|
|
|
|
|
|
To keep the API simple and avoid API changes when new options are
added, this is just a long integer.
Set it by disjoining options that are defined as powers of 2: e.g.
`CMARK_HTML_SOURCEPOS | CMARK_HTML_HARDREAKS`.
Test options using `&`: `if (options & CMARK_HTML_SOURCEPOS)`.
Added `--hardbreaks` and `--sourcepos` command-line options.
|
|
|
|
In the last few commits we were using as.code.fenced and as.literal at
the same time for NODE_CODE_BLOCK, which obviously led to problems.
|
|
|
|
Reverts 225d720.
|
|
|
|
This is for consistency with the other types of nodes that have
literal strings as contents.
|
|
For completeness.
|
|
|
|
* Added `iterator.c`, `iterator.h`.
* Removed `cmark_walk`.
* Replaced `cmark_walk` with iterator in HTML renderer.
* Replaced API test for `cmark_walk` with simple iterator test.
|
|
Added cmark_event_type enum, which is used as the second
parameter of the handler passed to cmark_walk.
See #224.
|
|
Modified finalize in blocks.c to return parent of finalized
block, so we can handle the case of reference definitions,
when we simply remove the finalized block.
|
|
This reverts commit b598b52a4acdc2332be3d34e30237d1b93b7dd03.
The change led to some problems, because some of the callers
of 'finalize' expected the node to exist after the call.
This could all be rewritten, but for now let's just revert.
|
