1
1
mirror of https://github.com/go-gitea/gitea synced 2025-10-26 08:58:24 +00:00

Not working, but slightly better...

This commit is contained in:
Kim "BKC" Carlbäcker
2016-01-27 21:48:57 +01:00
parent d943429672
commit 1ab8a60d73
4 changed files with 16 additions and 11 deletions

View File

@@ -340,7 +340,7 @@ OUTER_LOOP:
func RenderMarkdown(rawBytes []byte, urlPrefix string, metas map[string]string) []byte {
result := RenderRawMarkdown(rawBytes, urlPrefix)
result = PostProcessMarkdown(result, urlPrefix, metas)
result = BuildSanitizer().SanitizeBytes(result)
result = Sanitizer.SanitizeBytes(result)
return result
}

View File

@@ -31,18 +31,20 @@ import (
"github.com/gogits/gogs/modules/setting"
)
func BuildSanitizer() (p *bluemonday.Policy) {
p = bluemonday.UGCPolicy()
p.AllowAttrs("class").Matching(regexp.MustCompile(`[\p{L}\p{N}\s\-_',:\[\]!\./\\\(\)&]*`)).OnElements("code")
var Sanitizer = bluemonday.UGCPolicy()
p.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input")
p.AllowAttrs("checked", "disabled").OnElements("input")
p.AllowURLSchemes(setting.Markdown.CustomURLSchemes...)
return p
func BuildSanitizer() {
// Normal markdown-stuff
Sanitizer.AllowAttrs("class").Matching(regexp.MustCompile(`[\p{L}\p{N}\s\-_',:\[\]!\./\\\(\)&]*`)).OnElements("code")
// Checkboxes
Sanitizer.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input")
Sanitizer.AllowAttrs("checked", "disabled").OnElements("input")
// Custom URL-Schemes
Sanitizer.AllowURLSchemes(setting.Markdown.CustomURLSchemes...)
}
var Sanitizer = BuildSanitizer()
// EncodeMD5 encodes string to md5 hex value.
func EncodeMD5(str string) string {
m := md5.New()