Commit graph

5 commits

Author SHA1 Message Date
ArthurHoaro
cb7940e2de Fix hashtags with markdown escape enabled
They're now transformed to markdown syntax links before processing them through Parsedown.

Fixes #1210
2018-08-14 12:26:51 +02:00
ArthurHoaro
c5ee13181e Update parsedown to its latest version instead of fixed 1.6 2018-03-31 13:00:13 +02:00
ArthurHoaro
86ceea054f Add a whitelist of protocols for URLs
- for Shaare
 - for markdown description links and images

Not whitelisted protocols will be replaced by `http://`
2017-05-25 14:58:34 +02:00
ArthurHoaro
e037610115 Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-02-28 19:16:54 +01:00
ArthurHoaro
c5941f316a Fix an issue with links not being reversed in code blocks
Fixes #672

+ Markdown to HTML unit test
2016-10-22 11:13:48 +02:00