How it works:
1. when a fulltext search is made, Shaarli looks for the first
occurence position of every term matching the search. No change here,
but we store these positions in an array, in Bookmark's additionalContent.
2. when formatting bookmarks (through BookmarkFormatter
implementation):
1. first we insert specific tokens at every search result positions
2. we format the content (escape HTML, apply markdown, etc.)
3. as a last step, we replace our token with displayable span
elements
Cons: this tightens coupling between search filters and formatters
Pros: it was absolutely necessary not to perform the
search twice. this solution has close to no impact on performances.
Fixes#205
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.
Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
The new bookmark service wasn't handling private tags properly.
nomarkdown tag is now shown only for logged in user in bookmarks, and hidden for everyone in tag clouds/lists.
Fixes#726