forked from cory/tildefriends
security: Use commonmarkjs with {safe: true} as intended.
This commit is contained in:
parent
9b00b41a1e
commit
559504ae29
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "📜",
|
"emoji": "📜",
|
||||||
"previous": "&miGORZ8BwjHg2YO0t4bms6SI28XWPYqnqOZ8u9zsbZc=.sha256"
|
"previous": "&BEf0nraBdHk/+PWqx6tOSu5rheWVaxaL7orAOz3285M=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -21,7 +21,7 @@ function* treeify(prefix, o) {
|
|||||||
|
|
||||||
function markdown(md) {
|
function markdown(md) {
|
||||||
let parsed = new commonmark.Parser().parse(md ?? '*undocumented*');
|
let parsed = new commonmark.Parser().parse(md ?? '*undocumented*');
|
||||||
return new commonmark.HtmlRenderer().render(parsed);
|
return new commonmark.HtmlRenderer({safe: true}).render(parsed);
|
||||||
}
|
}
|
||||||
|
|
||||||
function document(api) {
|
function document(api) {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "🪵",
|
"emoji": "🪵",
|
||||||
"previous": "&TIrBnpN3iz3O9L9MCCteAcVJZjA83EKdcfu4SCM76VE=.sha256"
|
"previous": "&3jabNEk6W2uolzTvfXX6fcWF50N3501vtgZ6ZxFVJ1s=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -52,8 +52,8 @@ export async function get_blog_message(id) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
export function markdown(md) {
|
export function markdown(md) {
|
||||||
let reader = new commonmark.Parser({safe: true});
|
let reader = new commonmark.Parser();
|
||||||
let writer = new commonmark.HtmlRenderer();
|
let writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
let parsed = reader.parse(md || '');
|
let parsed = reader.parse(md || '');
|
||||||
let walker = parsed.walker();
|
let walker = parsed.walker();
|
||||||
let event, node;
|
let event, node;
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "🦟",
|
"emoji": "🦟",
|
||||||
"previous": "&cUqvSDUls3jn0haD85LPFAGdkc8wFuy347TtATNcJgg=.sha256"
|
"previous": "&4QfQjoCbdmCRu0nIBdOFiHBydYlDyyXrWqve6ELAmKA=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -61,8 +61,8 @@ function image(node, entering) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
export function markdown(md) {
|
export function markdown(md) {
|
||||||
var reader = new commonmark.Parser({safe: true});
|
var reader = new commonmark.Parser();
|
||||||
var writer = new commonmark.HtmlRenderer();
|
var writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
writer.image = image;
|
writer.image = image;
|
||||||
var parsed = reader.parse(md || '');
|
var parsed = reader.parse(md || '');
|
||||||
parsed = linkify.transform(parsed);
|
parsed = linkify.transform(parsed);
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "📝",
|
"emoji": "📝",
|
||||||
"previous": "&b//KqE4Vx6kOSBRODK1p/8wjOLKZJ+CBB5IkaBt5YsM=.sha256"
|
"previous": "&5LpOTEnor/rYFk3axyfmmehAoq9aEwNQRH4jwNhRQ7o=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -18,8 +18,8 @@ class TfJournalEntryElement extends LitElement {
|
|||||||
}
|
}
|
||||||
|
|
||||||
markdown(md) {
|
markdown(md) {
|
||||||
var reader = new commonmark.Parser({safe: true});
|
var reader = new commonmark.Parser();
|
||||||
var writer = new commonmark.HtmlRenderer();
|
var writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
var parsed = reader.parse(md || '');
|
var parsed = reader.parse(md || '');
|
||||||
return writer.render(parsed);
|
return writer.render(parsed);
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "🐌",
|
"emoji": "🐌",
|
||||||
"previous": "&+UZSxjoucLAl5r/nfRNu5KXx3K/PdutGnizL/Cn2eCU=.sha256"
|
"previous": "&GDAJLaMKjeSXooWgpbw7G/40hgtRT1mYVK2twtEhWHA=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -81,8 +81,8 @@ function attrs(node) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
export function markdown(md) {
|
export function markdown(md) {
|
||||||
let reader = new commonmark.Parser({safe: true});
|
let reader = new commonmark.Parser();
|
||||||
let writer = new commonmark.HtmlRenderer();
|
let writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
writer.image = image;
|
writer.image = image;
|
||||||
writer.code = code;
|
writer.code = code;
|
||||||
writer.attrs = attrs;
|
writer.attrs = attrs;
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"type": "tildefriends-app",
|
"type": "tildefriends-app",
|
||||||
"emoji": "📝",
|
"emoji": "📝",
|
||||||
"previous": "&DaYqKHRBKhjFGaOzbKZ1+/pLspJeEkDJYTF2B50tH6k=.sha256"
|
"previous": "&4F4D8+QlJVaxXywChQrNTdSV4Y3TvJ0xxqdq/i9HUWA=.sha256"
|
||||||
}
|
}
|
||||||
|
@ -2,8 +2,8 @@ import * as utils from './utils.js';
|
|||||||
import * as commonmark from './commonmark.min.js';
|
import * as commonmark from './commonmark.min.js';
|
||||||
|
|
||||||
function markdown(md) {
|
function markdown(md) {
|
||||||
let reader = new commonmark.Parser({safe: true});
|
let reader = new commonmark.Parser();
|
||||||
let writer = new commonmark.HtmlRenderer();
|
let writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
let parsed = reader.parse(md || '');
|
let parsed = reader.parse(md || '');
|
||||||
let walker = parsed.walker();
|
let walker = parsed.walker();
|
||||||
let event;
|
let event;
|
||||||
|
@ -20,8 +20,8 @@ class TfWikiDocElement extends LitElement {
|
|||||||
}
|
}
|
||||||
|
|
||||||
markdown(md) {
|
markdown(md) {
|
||||||
let reader = new commonmark.Parser({safe: true});
|
let reader = new commonmark.Parser();
|
||||||
let writer = new commonmark.HtmlRenderer();
|
let writer = new commonmark.HtmlRenderer({safe: true});
|
||||||
let parsed = reader.parse(md || '');
|
let parsed = reader.parse(md || '');
|
||||||
let walker = parsed.walker();
|
let walker = parsed.walker();
|
||||||
let event;
|
let event;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user