Age | Commit message (Collapse) | Author |
|
|
|
Closes #97.
This was also checked against the #82 case with asan.
|
|
Conforms to latest change in spec.
|
|
We no longer use a whitelist of valid schemes.
|
|
Check for offset greater than string length.
|
|
If the input is null, we can just return 0.
|
|
This fixes the heap buffer overflow reported in #82.
Closes #82.
|
|
CMARK_NODE_HRULE -> CMARK_NODE_THEMATIC_BREAK.
However we've defined the former as the latter to keep
backwards compatibility.
See jgm/CommonMark 8fa94cb460f5e516b0e57adca33f50a669d51f6c
|
|
See jgm/CommonMark commit 0cdbcee4e840abd0ac7db93797b2b75ca4104314
Note that we have defined
cmark_node_get_header_level = cmark_node_get_heading_level
and
cmark_node_set_header_level = camrk_node_set_heading_level
for backwards compatibility in the API.
|
|
Closes #81.
|
|
|
|
See jgm/CommonMark#355. Pre is handled separately in rule 1
and needn't be handled in rule 6.
|
|
* Added `CMARK_OPT_SAFE`. This option disables rendering of raw HTML
and potentially dangerous links.
* Added `--safe` option in command-line program.
* Updated `cmark.3` man page.
* Added `scan_dangerous_url` to scanners.
* In HTML, suppress rendering of raw HTML and potentially dangerous
links if `CMARK_OPT_SAFE`. Dangerous URLs are those that begin
with `javascript:`, `vbscript:`, `file:`, or `data:` (except for
`image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types).
* Added `api_test` for `OPT_CMARK_SAFE`.
* Rewrote `README.md` on security.
|
|
re2c returns the longest match, so we were getting bad
results with
[link](foo\(and\(bar\)\))
which it would parse as containing a bare `\` followed by
an in-parens chunk ending with the final paren.
|
|
This allows for custom tags, see jgm/CommonMark#239.
|
|
* Rewrote spec for HTML blocks. A few other spec examples
also changed as a result.
* Removed old `html_block_tag` scanner. Added new
`html_block_start` and `html_block_start_7`, as well
as `html_block_end_n` for n = 1-5.
* Rewrote block parser for new HTML block spec.
|
|
|
|
See jgm/commonmark#45.
|
|
There are probably a couple of places I missed. But this will only
be a problem if we use a 64-bit bufsize_t at some point. Then, we'll
get warnings from -Wshorten-64-to-32.
|
|
|
|
This is used in the commonmark renderer.
|
|
|
|
Backslash escapes not allowed in autolinks.
|
|
This is a more logical arrangement and follows recent changes to
the JS implementation.
|
|
Note: this only affects inline parsing. Block parsing
is handled differently.
|
|
|
|
|
|
|
|
We now handle properly `<?php echo '>'; ?>`.
Closes #117.
|
|
|
|
|
|
|
|
|
|
Closes #88.
|
|
Fixed in spec and both implementations. Closes #67.
|
|
|