Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
36b166df
Commit
36b166df
authored
Mar 08, 2021
by
Brett Walker
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Only do special escaping for refernce characters
`@#!$&~%^`
parent
a6240a4e
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
31 additions
and
50 deletions
+31
-50
lib/banzai/filter/markdown_pre_escape_filter.rb
lib/banzai/filter/markdown_pre_escape_filter.rb
+3
-2
spec/lib/banzai/pipeline/full_pipeline_spec.rb
spec/lib/banzai/pipeline/full_pipeline_spec.rb
+7
-0
spec/lib/banzai/pipeline/plain_markdown_pipeline_spec.rb
spec/lib/banzai/pipeline/plain_markdown_pipeline_spec.rb
+21
-48
No files found.
lib/banzai/filter/markdown_pre_escape_filter.rb
View file @
36b166df
...
...
@@ -24,7 +24,8 @@ module Banzai
# This filter does the initial surrounding, and MarkdownPostEscapeFilter
# does the conversion into span tags.
class
MarkdownPreEscapeFilter
<
HTML
::
Pipeline
::
TextFilter
ASCII_PUNCTUATION
=
%r{([
\\
][!"#$%&'()*+,-./:;<=>?@
\[\\\]
^_`{|}~])}
.
freeze
# We just need to target those that are special GitLab references
ASCII_PUNCTUATION
=
%r{([
\\
][@#!$&~%^])}
.
freeze
LITERAL_KEYWORD
=
'cmliteral'
def
call
...
...
spec/lib/banzai/pipeline/full_pipeline_spec.rb
View file @
36b166df
...
...
@@ -142,5 +142,12 @@ RSpec.describe Banzai::Pipeline::FullPipeline do
expect
(
output
).
to
include
(
"<span>#</span>
#{
issue
.
iid
}
"
)
end
it
'converts user reference with escaped underscore because of italics'
do
markdown
=
'_@test\__'
output
=
described_class
.
to_html
(
markdown
,
project:
project
)
expect
(
output
).
to
include
(
'<em>@test_</em>'
)
end
end
end
spec/lib/banzai/pipeline/plain_markdown_pipeline_spec.rb
View file @
36b166df
...
...
@@ -31,11 +31,10 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
end
end
# Test strings taken from https://spec.commonmark.org/0.29/#backslash-escapes
describe
'CommonMark tests'
,
:aggregate_failures
do
it
'converts all
ASCII
punctuation to literals'
do
markdown
=
%q(\
!\"
\#
\$\%\&\'\*\+\,\-\.\/\:\;\<\=\>\?\@\[\]\^\_\`\{\|\}\~)
+
%q[\(\)
\\\\
]
punctuation
=
%w(
! " # $ % & ' * + , - . / : ; < = > ? @ [
\\
] ^ _ ` { | } ~)
+
%w[( )]
it
'converts all
reference
punctuation to literals'
do
markdown
=
%q(\
@
\#
\!\$\&\~\%\^)
punctuation
=
%w(
@ # ! $ ~ % ^)
result
=
described_class
.
call
(
markdown
,
project:
project
)
output
=
result
[
:output
].
to_html
...
...
@@ -44,6 +43,16 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
expect
(
result
[
:escaped_literals
]).
to
be_truthy
end
it
'does not convert non-reference punctuation to spans'
do
markdown
=
%q(\"\'\*\+\,\-\.\/\:\;\<\=\>\?\[\]\_\`\{\|\})
+
%q[\(\)
\\\\
]
result
=
described_class
.
call
(
markdown
,
project:
project
)
output
=
result
[
:output
].
to_html
expect
(
output
).
not_to
include
(
'<span>'
)
expect
(
result
[
:escaped_literals
]).
to
be_falsey
end
it
'does not convert other characters to literals'
do
markdown
=
%q(\→\A\a\ \3\φ\«)
expected
=
'\→\A\a\ \3\φ\«'
...
...
@@ -52,49 +61,13 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
expect
(
result
[
:escaped_literals
]).
to
be_falsey
end
describe
'escaped characters are treated as regular characters and do not have their usual Markdown meanings'
do
where
(
:markdown
,
:expected
)
do
%q(\*not emphasized*)
|
%q(<span>*</span>not emphasized*)
%q(\<br/> not a tag)
|
%q(<span><</span>br/> not a tag)
%q!\[not a link](/foo)!
|
%q!<span>[</span>not a link](/foo)!
%q(\`not code`)
|
%q(<span>`</span>not code`)
%q(1\. not a list)
|
%q(1<span>.</span> not a list)
%q(
\#
not a heading)
|
%q(<span>#</span> not a heading)
%q(\[foo]: /url "not a reference")
|
%q(<span>[</span>foo]: /url "not a reference")
%q(\ö not a character entity)
|
%q(<span>&</span>ouml; not a character entity)
end
with_them
do
it
'keeps them as literals'
do
correct_html_included
(
markdown
,
expected
)
end
end
end
it
'backslash is itself escaped, the following character is not'
do
markdown
=
%q(
\\\\
*emphasis*)
expected
=
%q(<span>\</span><em>emphasis</em>)
correct_html_included
(
markdown
,
expected
)
end
it
'backslash at the end of the line is a hard line break'
do
markdown
=
<<~
MARKDOWN
foo
\\
bar
MARKDOWN
expected
=
"foo<br>
\n
bar"
correct_html_included
(
markdown
,
expected
)
end
describe
'backslash escapes do not work in code blocks, code spans, autolinks, or raw HTML'
do
where
(
:markdown
,
:expected
)
do
%q(`` \
[\` ``)
|
%q(<code>\[\`
</code>)
%q( \
[\])
|
%Q(<code>
\\
[
\\
]
\n
</code>)
%Q(~~~
\n\\
[
\\
]
\n
~~~)
|
%Q(<code>
\\
[
\\
]
\n
</code>)
%q(<http://example.com?find=\
*>)
|
%q(<a href="http://example.com?find=%5C*">http://example.com?find=\*
</a>)
%q[<a href="/bar\
/)">]
|
%q[<a href="/bar%5C/
)">]
%q(`` \
@\! ``)
|
%q(<code>\@\!
</code>)
%q( \
@\!)
|
%Q(<code>
\\
@
\\
!
\n
</code>)
%Q(~~~
\n\\
@
\\
!
\n
~~~)
|
%Q(<code>
\\
@
\\
!
\n
</code>)
%q(<http://example.com?find=\
@>)
|
%q(<a href="http://example.com?find=%5C@">http://example.com?find=\@
</a>)
%q[<a href="/bar\
@)">]
|
%q[<a href="/bar%5C@
)">]
end
with_them
do
...
...
@@ -104,9 +77,9 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
describe
'work in all other contexts, including URLs and link titles, link references, and info strings in fenced code blocks'
do
where
(
:markdown
,
:expected
)
do
%q![foo](/bar\
* "ti\*tle")!
|
%q(<a href="/bar*" title="ti*
tle">foo</a>)
%Q![foo]
\n\n
[foo]: /bar
\\
* "ti
\\
*tle"!
|
%q(<a href="/bar*" title="ti*
tle">foo</a>)
%Q(``` foo
\\
+bar
\n
foo
\n
```)
|
%Q(<code lang="foo+
bar">foo
\n
</code>)
%q![foo](/bar\
@ "\@title")!
|
%q(<a href="/bar@" title="@ti
tle">foo</a>)
%Q![foo]
\n\n
[foo]: /bar
\\
@ "
\\
@title"!
|
%q(<a href="/bar@" title="@ti
tle">foo</a>)
%Q(``` foo
\\
@bar
\n
foo
\n
```)
|
%Q(<code lang="foo@
bar">foo
\n
</code>)
end
with_them
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment