Commit graph

18 commits

Author SHA1 Message Date
ArthurHoaro
9ff17ae20e Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-03-04 09:38:12 +01:00
Arthur
19b3930ff3 Merge pull request #701 from ArthurHoaro/plugins/md-html-doc
Describe markdown HTML rendering and display a warning
2016-12-03 08:52:12 +01:00
ArthurHoaro
3d8f5cf84b Describe markdown HTML rendering and display a warning
Fixes #688
2016-12-01 12:44:37 +01:00
ArthurHoaro
266e3fe5c8 Markdown: fixes feed rendering with nomarkdown tag
* make sure we match exactly `nomarkdown` tag
 * pass the whole link data to stripNoMarkdownTag() to:
   * strip the noMD tag in taglist (array)
   * strip the tag in tags (string)

Fixes #689

tmp
2016-11-22 10:26:03 +01:00
ArthurHoaro
c5941f316a Fix an issue with links not being reversed in code blocks
Fixes #672

+ Markdown to HTML unit test
2016-10-22 11:13:48 +02:00
ArthurHoaro
e680cfea08 Use Composer to import Parsedown library
Reference #613
2016-10-22 11:13:13 +02:00
ArthurHoaro
9ccca40189 Hashtag system
* Hashtag are auto-linked with a filter search
  * Supports unicode
  * Compatible with markdown (excluded in code blocks)
2016-06-06 21:04:43 +02:00
ArthurHoaro
8c4e60186d The tag is no longer private
A private tag is never loaded for visitor, making this feature useless.
2016-05-30 18:51:00 +02:00
ArthurHoaro
e8b65d5f35 Markdown: inline code background color 2016-05-13 19:57:01 +02:00
ArthurHoaro
635d38c241 Process feeds content with Markdown 2016-03-26 17:13:58 +01:00
ArthurHoaro
340252ae5d Update markdown plugin README documentation
* Add the `.nomarkdown` section.
  * Update misleading statements.
2016-03-26 16:43:14 +01:00
ArthurHoaro
3ce20d9e84 Markdown: Add the 'meta-tag' .nomarkdown which prevent a shaare from being parsed with markdown
Also add the tag in tag list in edit_link, so it will appear on autocompletion.
2016-03-21 18:46:34 +01:00
kalvn
841df2dd55 Avoids populating a markdown empty container if there's no description. 2016-02-28 18:24:30 +01:00
Arthur
10269bc8c9 Merge pull request #491 from ArthurHoaro/markdown-escape2
Markdown: don't escape content + sanitize sensible tags
2016-02-25 08:52:42 +01:00
ArthurHoaro
2925687e1e Markdown: don't escape content + sanitize sensible tags
Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
2016-02-19 19:37:13 +01:00
Nicolas Danelon
01abde4f14 adding styles for code & pre tags 2016-02-19 09:58:01 -03:00
ArthurHoaro
1456358240 Fixes forced git changes
Probably related to the introduction of .gitattribute with forced line ending.
2016-01-31 19:22:14 +01:00
ArthurHoaro
1be4afacf9 PLUGIN Markdown
Parse link description in Markdown (HTML) before rendering.

      * hard remove of Shaarli's HTML before parsing.
      * Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
      * Includes basic markdown CSS.
      * Style: removed 400px height max limit for shaares.
      * Unit tests.
2016-01-03 17:36:10 +01:00