mirror of
				https://github.com/go-gitea/gitea
				synced 2025-10-26 00:48:29 +00:00 
			
		
		
		
	Refactor markup render system (#32533)
Remove unmaintainable sanitizer rules. No need to add special "class" regexp rules anymore, use RenderInternal.SafeAttr instead, more details (and examples) are in the tests
This commit is contained in:
		| @@ -1,16 +0,0 @@ | ||||
| // Copyright 2019 The Gitea Authors. All rights reserved. | ||||
| // SPDX-License-Identifier: MIT | ||||
|  | ||||
| package common | ||||
|  | ||||
| import ( | ||||
| 	"mvdan.cc/xurls/v2" | ||||
| ) | ||||
|  | ||||
| // NOTE: All below regex matching do not perform any extra validation. | ||||
| // Thus a link is produced even if the linked entity does not exist. | ||||
| // While fast, this is also incorrect and lead to false positives. | ||||
| // TODO: fix invalid linking issue | ||||
|  | ||||
| // LinkRegex is a regexp matching a valid link | ||||
| var LinkRegex, _ = xurls.StrictMatchingScheme("https?://") | ||||
| @@ -9,15 +9,27 @@ package common | ||||
| import ( | ||||
| 	"bytes" | ||||
| 	"regexp" | ||||
| 	"sync" | ||||
|  | ||||
| 	"github.com/yuin/goldmark" | ||||
| 	"github.com/yuin/goldmark/ast" | ||||
| 	"github.com/yuin/goldmark/parser" | ||||
| 	"github.com/yuin/goldmark/text" | ||||
| 	"github.com/yuin/goldmark/util" | ||||
| 	"mvdan.cc/xurls/v2" | ||||
| ) | ||||
|  | ||||
| var wwwURLRegxp = regexp.MustCompile(`^www\.[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}((?:/|[#?])[-a-zA-Z0-9@:%_\+.~#!?&//=\(\);,'">\^{}\[\]` + "`" + `]*)?`) | ||||
| type GlobalVarsType struct { | ||||
| 	wwwURLRegxp *regexp.Regexp | ||||
| 	LinkRegex   *regexp.Regexp // fast matching a URL link, no any extra validation. | ||||
| } | ||||
|  | ||||
| var GlobalVars = sync.OnceValue[*GlobalVarsType](func() *GlobalVarsType { | ||||
| 	v := &GlobalVarsType{} | ||||
| 	v.wwwURLRegxp = regexp.MustCompile(`^www\.[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}((?:/|[#?])[-a-zA-Z0-9@:%_\+.~#!?&//=\(\);,'">\^{}\[\]` + "`" + `]*)?`) | ||||
| 	v.LinkRegex, _ = xurls.StrictMatchingScheme("https?://") | ||||
| 	return v | ||||
| }) | ||||
|  | ||||
| type linkifyParser struct{} | ||||
|  | ||||
| @@ -60,10 +72,10 @@ func (s *linkifyParser) Parse(parent ast.Node, block text.Reader, pc parser.Cont | ||||
| 	var protocol []byte | ||||
| 	typ := ast.AutoLinkURL | ||||
| 	if bytes.HasPrefix(line, protoHTTP) || bytes.HasPrefix(line, protoHTTPS) || bytes.HasPrefix(line, protoFTP) { | ||||
| 		m = LinkRegex.FindSubmatchIndex(line) | ||||
| 		m = GlobalVars().LinkRegex.FindSubmatchIndex(line) | ||||
| 	} | ||||
| 	if m == nil && bytes.HasPrefix(line, domainWWW) { | ||||
| 		m = wwwURLRegxp.FindSubmatchIndex(line) | ||||
| 		m = GlobalVars().wwwURLRegxp.FindSubmatchIndex(line) | ||||
| 		protocol = []byte("http") | ||||
| 	} | ||||
| 	if m != nil { | ||||
|   | ||||
		Reference in New Issue
	
	Block a user