mirror of
https://github.com/discourse/discourse.git
synced 2024-11-30 23:35:44 +08:00
Better Support for whitelisting caja tags
This commit is contained in:
parent
9b86d1507d
commit
f10f9585ae
|
@ -11,7 +11,8 @@ var parser = window.BetterMarkdown,
|
||||||
dialect = MD.dialects.Discourse = DialectHelpers.subclassDialect( MD.dialects.Gruber ),
|
dialect = MD.dialects.Discourse = DialectHelpers.subclassDialect( MD.dialects.Gruber ),
|
||||||
initialized = false,
|
initialized = false,
|
||||||
emitters = [],
|
emitters = [],
|
||||||
hoisted;
|
hoisted,
|
||||||
|
preProcessors = [];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Initialize our dialects for processing.
|
Initialize our dialects for processing.
|
||||||
|
@ -165,6 +166,11 @@ Discourse.Dialect = {
|
||||||
**/
|
**/
|
||||||
cook: function(text, opts) {
|
cook: function(text, opts) {
|
||||||
if (!initialized) { initializeDialects(); }
|
if (!initialized) { initializeDialects(); }
|
||||||
|
|
||||||
|
preProcessors.forEach(function(p) {
|
||||||
|
text = p(text);
|
||||||
|
});
|
||||||
|
|
||||||
hoisted = {};
|
hoisted = {};
|
||||||
dialect.options = opts;
|
dialect.options = opts;
|
||||||
var tree = parser.toHTMLTree(text, 'Discourse'),
|
var tree = parser.toHTMLTree(text, 'Discourse'),
|
||||||
|
@ -188,6 +194,14 @@ Discourse.Dialect = {
|
||||||
return result.trim();
|
return result.trim();
|
||||||
},
|
},
|
||||||
|
|
||||||
|
/**
|
||||||
|
Adds a text pre-processor. Use only if necessary, as a dialect
|
||||||
|
that emits JsonML is much better if possible.
|
||||||
|
**/
|
||||||
|
addPreProcessor: function(preProc) {
|
||||||
|
preProcessors.push(preProc);
|
||||||
|
},
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Registers an inline replacer function
|
Registers an inline replacer function
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,8 @@
|
||||||
**/
|
**/
|
||||||
var _validClasses = {},
|
var _validClasses = {},
|
||||||
_validIframes = [],
|
_validIframes = [],
|
||||||
_validTags = {};
|
_validTags = {},
|
||||||
|
_decoratedCaja = false;
|
||||||
|
|
||||||
function validateAttribute(tagName, attribName, value) {
|
function validateAttribute(tagName, attribName, value) {
|
||||||
var tag = _validTags[tagName];
|
var tag = _validTags[tagName];
|
||||||
|
@ -198,6 +199,20 @@ Discourse.Markdown = {
|
||||||
// Allow things like <3 and <_<
|
// Allow things like <3 and <_<
|
||||||
text = text.replace(/<([^A-Za-z\/\!]|$)/g, "<$1");
|
text = text.replace(/<([^A-Za-z\/\!]|$)/g, "<$1");
|
||||||
|
|
||||||
|
// The first time, let's add some more whitelisted tags
|
||||||
|
if (!_decoratedCaja) {
|
||||||
|
|
||||||
|
// Add anything whitelisted to the list of elements if it's not in there
|
||||||
|
// already.
|
||||||
|
var elements = window.html4.ELEMENTS;
|
||||||
|
Ember.keys(_validTags).forEach(function(t) {
|
||||||
|
if (!elements[t]) {
|
||||||
|
elements[t] = 0;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
_decoratedCaja = true;
|
||||||
|
}
|
||||||
|
|
||||||
return window.html_sanitize(text, Discourse.Markdown.urlAllowed, validateAttribute);
|
return window.html_sanitize(text, Discourse.Markdown.urlAllowed, validateAttribute);
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user