| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
- for Shaare
- for markdown description links and images
Not whitelisted protocols will be replaced by `http://`
|
| |
|
|
|
|
|
|
|
|
|
| |
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.
See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
|
| |
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
* make sure we match exactly `nomarkdown` tag
* pass the whole link data to stripNoMarkdownTag() to:
* strip the noMD tag in taglist (array)
* strip the tag in tags (string)
Fixes #689
tmp
|
| |
|
|
|
|
| |
Fixes #672
+ Markdown to HTML unit test
|
| |
|
|
| |
A private tag is never loaded for visitor, making this feature useless.
|
| |
|
|
|
|
| |
parsed with markdown
Also add the tag in tag list in edit_link, so it will appear on autocompletion.
|
| |
|
|
| |
Instead of trying to fix broken content for Markdown parsing, parse it unescaped, then sanatize sensible tags such as scripts, etc.
|
|
|
Parse link description in Markdown (HTML) before rendering.
* hard remove of Shaarli's HTML before parsing.
* Using Parsedown <https://github.com/erusev/parsedown> PHP lib.
* Includes basic markdown CSS.
* Style: removed 400px height max limit for shaares.
* Unit tests.
|
