From ac39623d667999cfae1444b46508a9a423b0df1b Mon Sep 17 00:00:00 2001 From: John MacFarlane Date: Mon, 13 Jul 2015 09:21:35 -0700 Subject: Added `CMARK_OPT_SAFE` option and `--safe` command-line flag. * Added `CMARK_OPT_SAFE`. This option disables rendering of raw HTML and potentially dangerous links. * Added `--safe` option in command-line program. * Updated `cmark.3` man page. * Added `scan_dangerous_url` to scanners. * In HTML, suppress rendering of raw HTML and potentially dangerous links if `CMARK_OPT_SAFE`. Dangerous URLs are those that begin with `javascript:`, `vbscript:`, `file:`, or `data:` (except for `image/png`, `image/gif`, `image/jpeg`, or `image/webp` mime types). * Added `api_test` for `OPT_CMARK_SAFE`. * Rewrote `README.md` on security. --- api_test/main.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'api_test/main.c') diff --git a/api_test/main.c b/api_test/main.c index 104371c..dfb5483 100644 --- a/api_test/main.c +++ b/api_test/main.c @@ -713,6 +713,21 @@ numeric_entities(test_batch_runner *runner) "Max hexadecimal entity length"); } +static void +test_safe(test_batch_runner *runner) +{ + // Test safe mode + static const char raw_html[] = + "
\nhi\n
\n\nhi\n[link](JAVAscript:alert('hi'))\n![image](file:my.js)\n"; + char *html = cmark_markdown_to_html(raw_html, + sizeof(raw_html) - 1, + CMARK_OPT_DEFAULT | + CMARK_OPT_SAFE); + STR_EQ(runner, html, "\n

hi\nlink\n\"image\"

\n", + "input with raw HTML and dangerous links"); + free(html); +} + static void test_md_to_html(test_batch_runner *runner, const char *markdown, const char *expected_html, const char *msg) @@ -741,6 +756,7 @@ int main() { line_endings(runner); numeric_entities(runner); test_cplusplus(runner); + test_safe(runner); test_print_summary(runner); retval = test_ok(runner) ? 0 : 1; -- cgit v1.2.3