all repos — grayfriday @ 55d8f72ddede11ea2eed7abe74a218a43444992b

blackfriday fork with a few changes

55d8f72d
feat: Write self-closing tags with a />

Adds tests for self-closing tags both for correct writing and for correct
sanitization, i.e. stripping attributes on them.
Martin Probst martin@probst.io
Sat, 03 May 2014 12:58:25 +0200
50b8e037
Merge pull request #74 from mprobst/sanitize_test

Add a test for the correct handling of escaped entities in HTML.
Vytautas Šaltenis vytas@rtfb.lt
Sat, 03 May 2014 13:58:03 +0300
c76eb634
Merge pull request #71 from mprobst/master

Add support for a bunch more safe HTML element tags, and bring them into...
Vytautas Šaltenis vytas@rtfb.lt
Fri, 02 May 2014 00:55:47 +0300
aeb569ff
Merge pull request #70 from mprobst/master

fix: Handle all different token types that the parser can emit (d'oh).
Vytautas Šaltenis vytas@rtfb.lt
Thu, 01 May 2014 21:59:07 +0300
60ba757e
Merge branch 'gihnius-master'
Vytautas Šaltenis vytas@rtfb.lt
Thu, 01 May 2014 21:46:51 +0300
b44be784
Allow rel attribute in sanitizer

Fixes issue #68.
Vytautas Šaltenis vytas@rtfb.lt
Thu, 01 May 2014 20:49:49 +0300
b54984b7
Merge pull request #69 from mprobst/master

Use go.net/html's parser to sanitize HTML.
Vytautas Šaltenis vytas@rtfb.lt
Thu, 01 May 2014 20:47:17 +0300
3ca168f8
Merge pull request #64 from willnix/master

Add table tags to the whitelist.
Vytautas Šaltenis vytas@rtfb.lt
Sun, 20 Apr 2014 23:15:54 +0300
9c7cf8b1
Merge pull request #61 from shurcooL/feature/dont-expand-tabs-inside-fenced-code-blocks

Don't expand tabs inside fenced code blocks.
Vytautas Šaltenis vytas@rtfb.lt
Sun, 13 Apr 2014 10:56:02 +0300
5bcdd5eb
Merge pull request #60 from shurcooL/fix/fenced-code-block-extra-newline

Fix for potential extra newline added inside fenced code blocks.
Vytautas Šaltenis vytas@rtfb.lt
Sat, 12 Apr 2014 21:58:08 +0300
c5ece173
Merge pull request #59 from johnsto/master

Header ID specifiers
Vytautas Šaltenis vytas@rtfb.lt
Fri, 11 Apr 2014 21:31:27 +0300
1fd57a27
Merge pull request #56 from muhqu/issue/45

Fix for Fenced Code Blocks without a blank line before
Vytautas Šaltenis vytas@rtfb.lt
Tue, 08 Apr 2014 13:00:13 +0300
78dbffcf
Merge pull request #58 from aspic/master

Explicit return byte array at end of function.
Vytautas Šaltenis vytas@rtfb.lt
Sat, 05 Apr 2014 21:48:09 +0300
55bb56bf
Merge pull request #55 from rtfb/master

Autolink fixes
Vytautas Šaltenis vytas@rtfb.lt
Sun, 30 Mar 2014 19:58:39 +0300
d643453f
Merge pull request #50 from rtfb/master

Better protection against JavaScript injection
Vytautas Šaltenis vytas@rtfb.lt
Sun, 30 Mar 2014 19:52:13 +0300
e078bb8e
Merge pull request #52 from laslowh/master

add HTML_NOFOLLOW_LINKS
Vytautas Šaltenis vytas@rtfb.lt
Mon, 10 Mar 2014 21:47:35 +0200
5405274d
Merge pull request #44 from FreakyDazio/safe-relatives

Relative URIs are considered safe
Vytautas Šaltenis vytas@rtfb.lt
Wed, 08 Jan 2014 11:51:13 -0800
0c38d23c
Merge pull request #43 from microcosm-cc/master

Cells in THEAD > TR are now TH.
Vytautas Šaltenis vytas@rtfb.lt
Wed, 08 Jan 2014 11:46:30 -0800
d0e587ac
Change GOROOT references to GOPATH in README
Russ Ross russ@russross.com
Thu, 21 Nov 2013 08:47:41 -0700
48d1f9d9
fix smartypants to pass single backticks through, issue #38
Russ Ross russ@dixie.edu
Tue, 01 Oct 2013 13:55:34 -0600
ca82b8db
panic fix (issue #33) with test case
Russ Ross russ@dixie.edu
Wed, 11 Sep 2013 12:47:43 -0600
472fe3a7
Merge pull request #32 from bertzzie/master

Enable Parsing Inside a Link
Lancee LY.lancee@gmail.com
Sun, 08 Sep 2013 23:16:18 -0700
3f24fadb
Merge pull request #31 from aybabtme/patch-1

Fix typo.
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sun, 01 Sep 2013 11:56:32 -0700
d4bdd8db
update license language to match OSI
Russ Ross russ@russross.com
Wed, 14 Aug 2013 07:43:17 -0600
8395200a
Merge pull request #29 from athom/master

add EXTENSION_NO_EMPTY_LINE_BEFORE_BLOCK flag to make it closer to GFM
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 10 Aug 2013 13:13:13 -0700
264c82ed
Merge pull request #27 from moshee/master

Footnotes (addresses #14)
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Mon, 08 Jul 2013 23:03:42 -0700
2336fd31
Merge pull request #22 from rtfb/master

Add some protection against script injection
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Tue, 21 May 2013 13:19:17 -0700
015b0af4
Merge pull request #24 from subosito/sample-fixes

Fix table syntax example on README
Russ Ross russ@russross.com
Mon, 20 May 2013 15:15:38 -0700
3c0965e6
Merge pull request #16 from cespare/blockcodegithub_doc_fix

Fix up method documentation formatting for the BlockCodeGithub method.
Russ Ross russ@russross.com
Thu, 22 Nov 2012 18:00:19 -0800
585af8ba
Merge pull request #15 from moshee/master

HTML5
Russ Ross russ@russross.com
Mon, 22 Oct 2012 06:39:47 -0700
b3c64946
recognize fraction slash as well as regular slash to make fractions
Russ Ross russ@russross.com
Sun, 11 Mar 2012 16:10:42 -0600
82ba5850
link directly to blackfriday-tool
Russ Ross russ@russross.com
Wed, 07 Mar 2012 22:12:46 -0700
c317affd
readme updates for go 1
Russ Ross russ@russross.com
Wed, 07 Mar 2012 22:06:07 -0700
a5441fd9
updates for go 1
Russ Ross russ@russross.com
Wed, 07 Mar 2012 21:36:31 -0700
6bc8c7a2
version bump to v1.1
Russ Ross russ@russross.com
Mon, 26 Sep 2011 15:45:49 -0600
b97990f1
permit backslash-escaped vertical bars in tables
Russ Ross russ@dixie.edu
Tue, 13 Sep 2011 16:23:24 -0600
583b3c5e
fixed bug with blank line handling within list items
Russ Ross russ@dixie.edu
Fri, 09 Sep 2011 12:30:45 -0600
b8bc812a
table unit tests and fix for a crash uncovered by them
Russ Ross russ@russross.com
Mon, 25 Jul 2011 11:39:02 -0600
c99557ec
bug in tables when a row has too few columns
Russ Ross russ@russross.com
Mon, 25 Jul 2011 10:23:31 -0600
fbbd3248
tag as version 1.0
Russ Ross russ@russross.com
Tue, 19 Jul 2011 11:42:24 -0600
530123dd
additional doc comments
Russ Ross russ@russross.com
Thu, 07 Jul 2011 12:05:29 -0600
bb8ee591
doc improvements, commenting
Russ Ross russ@russross.com
Thu, 07 Jul 2011 11:56:45 -0600
256ff946
readme tweak
Russ Ross russ@russross.com
Wed, 06 Jul 2011 10:04:30 -0600
60cb261a
readme updates
Russ Ross russ@russross.com
Wed, 06 Jul 2011 10:01:13 -0600
2b87b0e7
simplify naming of parsing functions
Russ Ross russ@russross.com
Tue, 05 Jul 2011 14:22:21 -0600
fb435fe2
finished removing redundant end-of-buffer checks in block parsing; code cleanup
Russ Ross russ@russross.com
Mon, 04 Jul 2011 18:56:29 -0600
e35b4b66
bounds checking stress tests
Russ Ross russ@russross.com
Sun, 03 Jul 2011 10:51:07 -0600
123a149e
missing bounds check
Russ Ross russ@russross.com
Sun, 03 Jul 2011 10:30:28 -0600
bd60e369
removing more redundant checks, additional cleanup of block parsing
Russ Ross russ@dixie.edu
Fri, 01 Jul 2011 14:13:26 -0600
689f6cb7
more consistent spacing of block-level elements
Russ Ross russ@dixie.edu
Fri, 01 Jul 2011 11:19:42 -0600
d4353d99
remove redundant tests for tab characters in parsing
Russ Ross russ@dixie.edu
Fri, 01 Jul 2011 10:03:03 -0600
a99c922b
remove NO_EXPAND_TABS options
Russ Ross russ@dixie.edu
Fri, 01 Jul 2011 09:57:11 -0600
7544368f
removing redundant end-of-buffer checks in block parsing
Russ Ross russ@russross.com
Wed, 29 Jun 2011 20:15:58 -0600
ae9562f6
move whitespace stripping to parser, not renderers
Russ Ross russ@russross.com
Wed, 29 Jun 2011 15:38:35 -0600
d3c82250
corner case spacing issue with table of contents
Russ Ross russ@russross.com
Wed, 29 Jun 2011 13:24:15 -0600
2aca6670
simplify inline callback interface
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 13:00:54 -0600
8b9cd447
version bump to 0.6
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 11:22:20 -0600
70c92fef
inline helpers put parser arg first
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 11:21:46 -0600
3c6f18af
Renderer is now an interface
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 11:13:17 -0600
793fee54
preparing for switch to rendering interface
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 10:43:10 -0600
55697351
table of contents support beefed up
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 10:36:56 -0600
873a60ad
complete page rendering is now an option in the library
Russ Ross russ@dixie.edu
Wed, 29 Jun 2011 10:08:56 -0600
b1a03182
refactoring: inline renderers return bools, preparing rendering struct to become an interface
Russ Ross russ@russross.com
Tue, 28 Jun 2011 19:46:35 -0600
f0cd9a42
render -> Parser, made parsing functions methods of *Parser
Russ Ross russ@russross.com
Tue, 28 Jun 2011 18:58:53 -0600
55cde00c
camel case
Russ Ross russ@russross.com
Tue, 28 Jun 2011 16:02:12 -0600
c969dff7
added simplified interface for common usage
Russ Ross russ@russross.com
Tue, 28 Jun 2011 15:55:27 -0600
fde2c606
version number, few more options for command-line tool
Russ Ross russ@dixie.edu
Tue, 28 Jun 2011 11:30:10 -0600
84eeba25
example markdown binary: try to guess a title
Russ Ross russ@dixie.edu
Tue, 28 Jun 2011 10:58:37 -0600
2a18706c
options to supress tab expansion or to expand tabs to 8 spaces instead of 4
Russ Ross russ@dixie.edu
Tue, 28 Jun 2011 10:58:10 -0600
2f839dc3
fenced code: ending marker must match beginning marker, tests for fenced code blocks
Russ Ross russ@dixie.edu
Tue, 28 Jun 2011 10:30:25 -0600
66b71b1f
readme tweak
Russ Ross russ@russross.com
Mon, 27 Jun 2011 20:15:12 -0600
4bd8627b
README tweak
Russ Ross russ@russross.com
Mon, 27 Jun 2011 20:14:13 -0600
f8f70572
simplified BSD license
Russ Ross russ@russross.com
Mon, 27 Jun 2011 20:11:32 -0600
8233aad6
preformatted html block tests
Russ Ross russ@russross.com
Mon, 27 Jun 2011 19:35:40 -0600
fffbd3ed
tests for ordered lists
Russ Ross russ@russross.com
Mon, 27 Jun 2011 18:03:54 -0600
00cb90e9
horizontal rule and list testing
Russ Ross russ@russross.com
Mon, 27 Jun 2011 16:06:32 -0600
c8f7e789
more robust whitespace stripping and matching corrections to tests
Russ Ross russ@russross.com
Mon, 27 Jun 2011 16:06:16 -0600
9a0217f7
fixed minor bugs uncovered by more testing
Russ Ross russ@russross.com
Mon, 27 Jun 2011 14:35:11 -0600
47c48525
unit tests for underlined headers, improved whitespace handling for the same
Russ Ross russ@dixie.edu
Mon, 27 Jun 2011 11:42:38 -0600
3af64a90
fixed headers nested in lists, added prefix header unit tests
Russ Ross russ@dixie.edu
Mon, 27 Jun 2011 10:13:13 -0600
e22e43bf
eliminate a buffering level for paragraphs
Russ Ross russ@russross.com
Sun, 26 Jun 2011 17:21:11 -0600
ea3d80e2
clean up main markdown function: split out first and second passes
Russ Ross russ@russross.com
Sun, 26 Jun 2011 09:51:36 -0600
f5e3dc80
refactoring: newlines as hard breaks changed from HTML option to global markdown option
Russ Ross russ@russross.com
Sat, 25 Jun 2011 15:45:51 -0600
812e8d01
refactoring paragraph rendering
Russ Ross russ@russross.com
Sat, 25 Jun 2011 15:18:34 -0600
eff64c56
reduce copying for lists
Russ Ross russ@russross.com
Sat, 25 Jun 2011 15:02:46 -0600
cf97fbd8
experiment: render headers directly to output buffer to avoid a copy; minor speed boost
Russ Ross russ@russross.com
Sat, 25 Jun 2011 08:20:08 -0600
45ab8d0d
dumb tweak that gives a little speed bump
Russ Ross russ@russross.com
Fri, 24 Jun 2011 21:53:46 -0600
44db7217
rewrite of attrEscape: cleaner and faster
Russ Ross russ@russross.com
Fri, 24 Jun 2011 19:11:06 -0600
a74678bf
enable profiling from command-line tool
Russ Ross russ@russross.com
Fri, 24 Jun 2011 17:13:42 -0600
c337e07e
fraction example in readme
Russ Ross russ@russross.com
Fri, 24 Jun 2011 16:42:17 -0600
be0fb460
more inline unit tests
Russ Ross russ@russross.com
Fri, 24 Jun 2011 16:39:50 -0600
f9b03f67
output validates, command-line tool has useful options
Russ Ross russ@russross.com
Fri, 24 Jun 2011 11:50:03 -0600
157bb44c
improved (hopefully) smart quote handling
Russ Ross russ@dixie.edu
Wed, 22 Jun 2011 15:40:58 -0600
9ffeaf98
convert test files to unix format, fix a few broken ones
Russ Ross russ@dixie.edu
Fri, 10 Jun 2011 09:41:00 -0600
1e40ebaf
unit test for linebreaks
Russ Ross russ@russross.com
Wed, 01 Jun 2011 18:52:55 -0600
4b850e80
tab expansion bug
Russ Ross russ@russross.com
Wed, 01 Jun 2011 18:52:40 -0600
a4339270
fix test name conflicts
Russ Ross russ@russross.com
Wed, 01 Jun 2011 18:52:24 -0600
cd5e4957
Merge pull request #2 from kjk/markdown-tests

integrate tests for markdown 1.0.3 test files by comparing them with refe
Russ Ross russross
Wed, 01 Jun 2011 17:24:11 -0700
2abc3af0
starting inline unit tests, fix a few minor bugs they exposed
Russ Ross russ@russross.com
Wed, 01 Jun 2011 12:17:17 -0600
87f1e83d
readme updates
Russ Ross russ@russross.com
Tue, 31 May 2011 16:31:36 -0600
921ac7d0
comments, minor cleanups
Russ Ross russ@russross.com
Tue, 31 May 2011 16:28:07 -0600
b6e65308
rewrote the stinking pile of code that was blockParagraph
Russ Ross russ@russross.com
Tue, 31 May 2011 16:07:15 -0600
9f1d6199
tab expansion fixed to handle multibyte unicode characters
Russ Ross russ@dixie.edu
Tue, 31 May 2011 12:04:58 -0600
f3386eb8
gofmt
Russ Ross russ@dixie.edu
Tue, 31 May 2011 11:49:49 -0600
df64ec5d
allocate new buffers on stack; mild speed improvement
Russ Ross russ@dixie.edu
Tue, 31 May 2011 11:11:04 -0600
9d23b68f
export all names from Renderer struct
This enables new back-ends that are not part of the package
Basically a big search-and-replace for this commit
Russ Ross russ@russross.com
Mon, 30 May 2011 21:44:52 -0600
679e1686
performance fix: with autolinking on, it is almost twice as fast now
Russ Ross russ@russross.com
Mon, 30 May 2011 15:36:31 -0600
4a17a5b5
remove dependency on less function
Russ Ross russ@russross.com
Mon, 30 May 2011 14:42:38 -0600
cd7b9521
readme tweak
Russ Ross russ@russross.com
Mon, 30 May 2011 11:15:56 -0600
ee3fe992
rudimentary latex backend, additional cleanup
Russ Ross russ@russross.com
Mon, 30 May 2011 11:06:20 -0600
81cefb5e
split parser into multiple files, clean up naming
Russ Ross russ@russross.com
Sun, 29 May 2011 17:00:31 -0600
4e2d6a50
cleanup in markdown: better naming, misc fixes
Russ Ross russ@russross.com
Sun, 29 May 2011 11:43:18 -0600
bb3c0f73
comments on performance
Russ Ross russ@russross.com
Sun, 29 May 2011 09:30:57 -0600
59dc1f85
fix smartypants and html entity escaping
Russ Ross russ@russross.com
Sat, 28 May 2011 22:50:33 -0600
de40da7a
escape entities when using smartypants
Russ Ross russ@russross.com
Sat, 28 May 2011 22:39:22 -0600
3ee2b137
return result instead of taking buffer as input
Russ Ross russ@russross.com
Sat, 28 May 2011 22:37:12 -0600
6c6efa13
features list
Russ Ross russ@russross.com
Sat, 28 May 2011 21:43:17 -0600
a3ff1b5d
mdash
Russ Ross russ@russross.com
Sat, 28 May 2011 21:34:02 -0600
9a11e966
readme file
Russ Ross russ@russross.com
Sat, 28 May 2011 21:33:16 -0600
965748ad
refactored into a proper package
Russ Ross russ@russross.com
Sat, 28 May 2011 21:17:53 -0600
de458292
smartypants
Russ Ross russ@dixie.edu
Sat, 28 May 2011 17:37:18 -0600
cab328f2
cleanup
Russ Ross russ@russross.com
Sat, 28 May 2011 13:00:47 -0600
b117dcc9
compatibility fixes
Russ Ross russ@russross.com
Sat, 28 May 2011 09:49:21 -0600
c3545f4e
output matches upskirt for markdown test suite
Russ Ross russ@dixie.edu
Fri, 27 May 2011 16:12:21 -0600
f16de74d
fixing link parsing
Russ Ross russ@russross.com
Fri, 27 May 2011 13:38:10 -0600
48923aa4
basics working, still a few renderers to write
Russ Ross russ@russross.com
Thu, 26 May 2011 22:27:33 -0600
87127316
parsing done but untested
Russ Ross russ@russross.com
Thu, 26 May 2011 14:22:59 -0600
91dd5cc4
working on inline parsing
Russ Ross russ@russross.com
Thu, 26 May 2011 12:10:16 -0600
90f07150
emph parsing
Russ Ross russ@russross.com
Thu, 26 May 2011 09:47:41 -0600
2151ed61
reference extraction
Russ Ross russ@russross.com
Thu, 26 May 2011 08:28:14 -0600
c7272741
setup, starting reference handling
Russ Ross russ@russross.com
Wed, 25 May 2011 20:46:16 -0600
cb7b5466
fixed ordered lists
Russ Ross russ@dixie.edu
Wed, 25 May 2011 16:00:01 -0600
f565f325
all block-level parsers
Russ Ross russ@dixie.edu
Wed, 25 May 2011 15:41:25 -0600
282b8dfa
working on listitem
Russ Ross russ@russross.com
Wed, 25 May 2011 13:59:30 -0600
8eb58026
initial commit
Russ Ross russ@russross.com
Tue, 24 May 2011 16:14:35 -0600
2f988eb2
integrate tests for markdown 1.0.3 test files by comparing them with reference files rendered with upskirt (no extensions)
Krzysztof Kowalczyk kkowalczyk@gmail.com
Wed, 01 Jun 2011 16:47:32 -0700
e69cdde7
Add some HTML5
moshee moshee@displaynone.us
Sun, 21 Oct 2012 21:28:31 -0700
8a86b6d6
HTML5 doctype, Wrap TOC with <nav>

<nav> makes the TOC more easily identifiable and workable with CSS.
moshee moshee@displaynone.us
Sun, 21 Oct 2012 21:23:44 -0700
a25d9a54
Fix html tag ordering in doc string.
Caleb Spare cespare@gmail.com
Thu, 22 Nov 2012 12:52:52 -0800
d0d85495
Fix up method documentation formatting.
Caleb Spare cespare@gmail.com
Thu, 22 Nov 2012 12:12:08 -0800
227e2c00
fix table syntax example
Alif Rachmawadi subosito@gmail.com
Sun, 05 May 2013 10:35:09 +0700
82262382
Improve html element stripping code
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Thu, 18 Apr 2013 03:15:47 +0300
079a5585
Fix typo
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sun, 14 Apr 2013 01:44:18 +0300
375cae5d
Add HTML_SKIP_SCRIPT to MarkdownCommon
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sun, 14 Apr 2013 01:43:21 +0300
85e2207c
Couple more tests
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sun, 14 Apr 2013 01:42:47 +0300
dcaaa9b5
More <script> stripping

Partially addresses issue #11.
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 23:24:30 +0300
fb923cdb
Add an option to strip <script> elements

Partially addresses issue #11.
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:57:16 +0300
b79e720a
Make isHtmlTag() case insensitive
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:34:37 +0300
a2fda5e9
Extract repetitive code to a func
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:26:29 +0300
d5a8df16
Fix bug in isHtmlTag()

Fix what seems to be a typo. j should iterate through all tagname, so it
should be initialized to zero. The test exposes this bug.
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:21:47 +0300
90509d39
Make a way to parameterize inline tests

Expose extensions and html flags parameters so that tests could specify
what code paths they want to exercise.
Vytautas Šaltenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:18:14 +0300
3ea84a58
parser no longer returns prematurely from empty footnote ref
moshee moshee@displaynone.us
Mon, 08 Jul 2013 22:34:12 +0000
4513607d
leftover debug stuff
moshee moshee@displaynone.us
Mon, 08 Jul 2013 09:42:29 +0000
1a73bae5
added slice bounds check
moshee moshee@displaynone.us
Mon, 08 Jul 2013 06:54:25 +0000
c23099e5
Implementation and some tests for inline footnotes. Also I noticed the list items had the wrong ids, that was silly of me.
moshee moshee@displaynone.us
Mon, 01 Jul 2013 01:37:52 +0000
8346559a
Referenced footnotes appear to be functional. Inline still unimplemented.
moshee moshee@displaynone.us
Wed, 26 Jun 2013 16:09:27 +0000
7bdb82c5
new tests pass but old tests now fail...
moshee moshee@displaynone.us
Wed, 26 Jun 2013 15:57:51 +0000
be082a1e
First attempt at supporting Pandoc-style footnotes. The existing tests have not broken but the new functionality does not work yet.
moshee moshee@displaynone.us
Tue, 25 Jun 2013 01:18:47 +0000
31798e0e
add testcase for GFM autolink
athom athom@126.com
Fri, 09 Aug 2013 17:24:26 +0800
16c09b01
make autolink peforms like GFM
athom athom@126.com
Fri, 09 Aug 2013 16:28:35 +0800
8751c35d
add EXTENSION_NO_EMPTY_LINE_BEFORE_BLOCK flag to make it closer to GFM(Github flavor Markdown)
athom athom@126.com
Tue, 30 Jul 2013 10:32:11 +0800
bd3e6c94
Fix typo.
Antoine Grondin antoinegrondin@gmail.com
Sun, 01 Sep 2013 10:59:06 -0700
e2503482
Image inside a link now works.
Alex Xandra Albert Sim bertzzie@gmail.com
Mon, 09 Sep 2013 12:51:46 +0700
da8f2753
Added test for link inside image
Alex Xandra Albert Sim bertzzie@gmail.com
Mon, 09 Sep 2013 12:51:20 +0700
5b954f1f
Updated tests to check for th tags instead of td tags within thead blocks
David Kitchen david@buro9.com
Thu, 17 Oct 2013 10:35:44 +0100
6e6572e9
Added th to table headers so that styling with things like Twitter Bootstrap and typeset.css work as expected. Cells in headers should always be TH unless they are advisory cells within headers in which case TD is acceptable (but being Markdown a user with such needs could just enter HTML for this)
David Kitchen david@buro9.com
Wed, 16 Oct 2013 11:36:33 +0100
607ec214
Tests for links when using  HTML_SAFELINK
Darren Coxall darren@darrencoxall.com
Thu, 19 Dec 2013 10:00:47 +0000
59358ade
  Relative URIs are considered safe
Darren Coxall darren.coxall@simplybusiness.co.uk
Mon, 09 Dec 2013 14:41:37 +0000
d71c7591
add HTML_NOFOLLOW_LINKS
Graham Miller graham.miller@gmail.com
Tue, 25 Feb 2014 09:21:57 -0500
84ee8e62
Add a note about JavaScript injections to README
Vytautas Šaltenis vytas@rtfb.lt
Mon, 17 Feb 2014 21:08:10 +0200
2f50a53f
Rename HTML_SKIP_SCRIPT to HTML_SANITIZE_OUTPUT
Vytautas Šaltenis vytas@rtfb.lt
Wed, 22 Jan 2014 01:23:43 +0200
55cd8200
Rewrite protection against JavaScript injection

This drops the naive approach at <script> tag stripping and resorts to
full sanitization of html. The general idea (and the regexps) is grabbed
from Stack Exchange's PageDown JavaScript Markdown processor[1]. Like in
PageDown, it's implemented as a separate pass over resulting html.

Includes a metric ton (but not all) of test cases from here[2]. Several
are commented out since they don't pass yet.

Stronger (but still incomplete) fix for #11.

[1] http://code.google.com/p/pagedown/wiki/PageDown
[2] https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
Vytautas Šaltenis vytas@rtfb.lt
Wed, 22 Jan 2014 01:14:35 +0200
e02c392d
Extract useful code to separate func
Vytautas Šaltenis vytas@rtfb.lt
Wed, 22 Jan 2014 00:45:43 +0200
e5937643
Fix bug in autolink with trailing semicolon

In case the link ends with escaped html entity, the semicolon is a part
of the link and should not be interpreted as punctuation.
Vytautas Šaltenis vytas@rtfb.lt
Sun, 26 Jan 2014 23:40:26 +0200
b0bdfbec
Fix bug in autolink overescaping html entities

If autolink encounters a link which already has an escaped html entity,
it would escape the ampersand again, producing things like these:
    &amp;  --> &amp;amp;
    &quot; --> &amp;quot;
This commit solves that by first looking for all entity-looking things
in the link and copying those ranges verbatim, only considering the rest
of the string for escaping.
Doesn't seem to have considerable performance impact.
The mailto: links are processed the old way.
Vytautas Šaltenis vytas@rtfb.lt
Sun, 26 Jan 2014 21:39:38 +0200
cc0d56d0
Extract a chain of ifs into separate func

This gives a ~10% slowdown of a full test run, which is tolerable.
Switch statement is still slightly slower (~5%). Using map turned out to
be unacceptably slow (~3x slowdown).
Vytautas Šaltenis vytas@rtfb.lt
Sun, 26 Jan 2014 21:27:34 +0200
31a96c6c
go fmt
Vytautas Šaltenis vytas@rtfb.lt
Sun, 26 Jan 2014 21:21:25 +0200
f2d43f69
Fix bug in autolink termination

Detect the end of link when it is immediately followed by an element.
Vytautas Šaltenis vytas@rtfb.lt
Sat, 25 Jan 2014 21:59:38 +0200
9fc8c9d8
Fix bug with overzealous autolink processing

When the source Markdown contains an anchor tag with URL as link text
(i.e. <a href=...>http://foo.bar</a>), autolink converts that link text
into another anchor tag, which is nonsense. Detect this situation with
regexp and early exit autolink processing.
Vytautas Šaltenis vytas@rtfb.lt
Sat, 25 Jan 2014 21:42:34 +0200
786aed62
Explicit return byte array at end of function.
Kjetil Mehl aspic@mehl.no
Sat, 05 Apr 2014 16:59:28 +0200
cb288d6b
Revert "add an infinity-loop detection to block-level parsing"

This reverts commit 0c62e28e900533ff5d0376fac2e5b0c4894e1fa3.
Mathias Leppich mleppich@muhqu.de
Tue, 08 Apr 2014 11:51:17 +0200
17ca2614
optimisation: only fix fenced code blocks if the extensions parser flag is set... ;-)
Mathias Leppich mleppich@muhqu.de
Tue, 01 Apr 2014 23:14:31 +0200
09327332
out-comment stderr debug output
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 22:30:38 +0200
ec90dd0f
add some stderr output to reference stress tests
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 22:29:24 +0200
cd3fa08c
fix issue #45: 'Fenced Code Blocks without a blank line before'

Add missing newline between paragraph and fenced code block within `firstPass()`.
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 21:57:58 +0200
a4274bba
add error message when panic has been raised within `doTestsBlock()`
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 21:59:20 +0200
0c62e28e
add an infinity-loop detection to block-level parsing
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 00:04:45 +0100
d4c367a9
add test cases for issue #45
Mathias Leppich mleppich@muhqu.de
Sun, 30 Mar 2014 22:00:26 +0200
924064f3
Also support header IDs in ## headers ##
Dave Johnston johnsto@gmail.com
Sun, 06 Apr 2014 10:30:40 +0100
7ad5f9c1
Correctly emit trailing header ID brace
Dave Johnston johnsto@gmail.com
Sat, 05 Apr 2014 20:59:03 +0100
cf01a945
Add Header IDs to default extensions
Dave Johnston johnsto@gmail.com
Sat, 05 Apr 2014 20:45:57 +0100
2dff0864
Add header ID support and tests: # Header {#myid}
Dave Johnston johnsto@gmail.com
Sat, 05 Apr 2014 20:42:58 +0100
8df342ac
Fix bug where newlines were inserted inside fenced code blocks.

Change firstPass() code that checks for fenced code blocks to check all
of them and properly keep track of lastFencedCodeBlockEnd.
This way, it won't misinterpret the end of a fenced code block as a
beginning of a new one.
Dmitri Shuralyov shurcooL@gmail.com
Fri, 11 Apr 2014 21:27:28 -0700
ef2a2b02
Add failing test for an issue introduced by PR #56.

The issue is that when there are more than 1 fenced code blocks with a
blank line before and after, the parser introduces a single extra new
line to all the fenced code blocks except the last one.
Dmitri Shuralyov shurcooL@gmail.com
Fri, 11 Apr 2014 19:54:55 -0700
ad246ef7
Don't expand tabs inside fenced code blocks.

Still do normalize newlines inside fenced code blocks.
Dmitri Shuralyov shurcooL@gmail.com
Sat, 12 Apr 2014 14:45:25 -0700
be9cbc63
tagWhitelist allows alignment attribute now

This is the closest I could get to removing everything "unsave" without introducing an additional regex.
willnix frieder.steinmetz@gmail.com
Sat, 19 Apr 2014 21:59:04 +0000
c1e49967
Add table tags to the whitelist.

Fixing:
https://github.com/russross/blackfriday/commit/55cd82008e9b35b9a03a80e06d5a4c4601320211

This commit introduced a html tag whitelist which does not include any table tags (<td>,<tr>,<thead>...). Therefore even tables the markdown parser itself generated will be removed.
willnix frieder.steinmetz@gmail.com
Thu, 17 Apr 2014 15:44:40 +0000
41251715
Use go.net/html's parser to sanitize HTML.

Use an HTML5 compliant parser that interprets HTML as a browser would to parse
the Markdown result and then sanitize based on the result.
Escape unrecognized and disallowed HTML in the result.
Currently works with a hard coded whitelist of safe HTML tags and attributes.
Martin Probst martin@probst.io
Sun, 27 Apr 2014 23:40:44 +0200
3dba5bc5
Merge branch 'master' of github.com:gihnius/blackfriday into gihnius-master

Conflicts:
	html.go
	inline_test.go
Vytautas Šaltenis vytas@rtfb.lt
Thu, 01 May 2014 21:43:42 +0300
c9977f0c
test: add nofollow ref for non internal links only
gihnius gihnius@gmail.com
Fri, 21 Mar 2014 11:17:31 +0800
93484b14
add nofollow ref for non internal links only
gihnius gihnius@gmail.com
Fri, 21 Mar 2014 11:14:58 +0800
ecf59d4a
add target blank attr
gihnius gihnius@gmail.com
Fri, 21 Mar 2014 10:52:46 +0800
f9b7593e
fix: Handle all different token types that the parser can emit (d'oh).
Martin Probst martin@probst.io
Thu, 01 May 2014 20:55:53 +0200
8d2af3a2
Add support for a bunch more safe HTML element tags, and bring them into some order.
Martin Probst martin@probst.io
Thu, 01 May 2014 22:08:32 +0200
915f7049
Add a test for the correct handling of escaped entities in HTML.

The sanitization code does not retain any particular escaped entities - it
parses the HTML and thus loses the information on what entities were in the
original. The result is correct UTF-8 HTML though.
Martin Probst martin@probst.io
Sat, 03 May 2014 12:34:16 +0200