Fossil SCM
Only use safe-html markdown rendering for the Forum. This is a temporary measure to get most things working again while we devise improvements to the safe-html mechanism.
Commit
f4e6efb2daea0ef36be00030a15afba03aa30dddd2c12d20775ce88f6d41058c
Parent
485fda60c3fcb7e…
3 files changed
+1
+1
-1
+49
-20
+1
| --- src/forum.c | ||
| +++ src/forum.c | ||
| @@ -340,10 +340,11 @@ | ||
| 340 | 340 | }else{ |
| 341 | 341 | @ <div class='forumPostFullBody'> |
| 342 | 342 | } |
| 343 | 343 | blob_init(&x, 0, 0); |
| 344 | 344 | blob_append(&x, zContent, -1); |
| 345 | + safe_html_enable(1); | |
| 345 | 346 | wiki_render_by_mimetype(&x, zMimetype); |
| 346 | 347 | blob_reset(&x); |
| 347 | 348 | @ </div> |
| 348 | 349 | }else{ |
| 349 | 350 | @ <i>Deleted</i> |
| 350 | 351 |
| --- src/forum.c | |
| +++ src/forum.c | |
| @@ -340,10 +340,11 @@ | |
| 340 | }else{ |
| 341 | @ <div class='forumPostFullBody'> |
| 342 | } |
| 343 | blob_init(&x, 0, 0); |
| 344 | blob_append(&x, zContent, -1); |
| 345 | wiki_render_by_mimetype(&x, zMimetype); |
| 346 | blob_reset(&x); |
| 347 | @ </div> |
| 348 | }else{ |
| 349 | @ <i>Deleted</i> |
| 350 |
| --- src/forum.c | |
| +++ src/forum.c | |
| @@ -340,10 +340,11 @@ | |
| 340 | }else{ |
| 341 | @ <div class='forumPostFullBody'> |
| 342 | } |
| 343 | blob_init(&x, 0, 0); |
| 344 | blob_append(&x, zContent, -1); |
| 345 | safe_html_enable(1); |
| 346 | wiki_render_by_mimetype(&x, zMimetype); |
| 347 | blob_reset(&x); |
| 348 | @ </div> |
| 349 | }else{ |
| 350 | @ <i>Deleted</i> |
| 351 |
+1
-1
| --- src/markdown_html.c | ||
| +++ src/markdown_html.c | ||
| @@ -215,11 +215,11 @@ | ||
| 215 | 215 | ){ |
| 216 | 216 | char *text_data = blob_buffer(text); |
| 217 | 217 | size_t text_size = blob_size(text); |
| 218 | 218 | while( text_size>0 && text_data[text_size-1]=='\n' ) text_size--; |
| 219 | 219 | BLOB_APPEND_LITERAL(ob, "<li>"); |
| 220 | - blob_append(ob, text_data, text_size); | |
| 220 | + safe_html_append(ob, text_data, text_size); | |
| 221 | 221 | BLOB_APPEND_LITERAL(ob, "</li>\n"); |
| 222 | 222 | } |
| 223 | 223 | |
| 224 | 224 | static void html_paragraph(struct Blob *ob, struct Blob *text, void *opaque){ |
| 225 | 225 | INTER_BLOCK(ob); |
| 226 | 226 |
| --- src/markdown_html.c | |
| +++ src/markdown_html.c | |
| @@ -215,11 +215,11 @@ | |
| 215 | ){ |
| 216 | char *text_data = blob_buffer(text); |
| 217 | size_t text_size = blob_size(text); |
| 218 | while( text_size>0 && text_data[text_size-1]=='\n' ) text_size--; |
| 219 | BLOB_APPEND_LITERAL(ob, "<li>"); |
| 220 | blob_append(ob, text_data, text_size); |
| 221 | BLOB_APPEND_LITERAL(ob, "</li>\n"); |
| 222 | } |
| 223 | |
| 224 | static void html_paragraph(struct Blob *ob, struct Blob *text, void *opaque){ |
| 225 | INTER_BLOCK(ob); |
| 226 |
| --- src/markdown_html.c | |
| +++ src/markdown_html.c | |
| @@ -215,11 +215,11 @@ | |
| 215 | ){ |
| 216 | char *text_data = blob_buffer(text); |
| 217 | size_t text_size = blob_size(text); |
| 218 | while( text_size>0 && text_data[text_size-1]=='\n' ) text_size--; |
| 219 | BLOB_APPEND_LITERAL(ob, "<li>"); |
| 220 | safe_html_append(ob, text_data, text_size); |
| 221 | BLOB_APPEND_LITERAL(ob, "</li>\n"); |
| 222 | } |
| 223 | |
| 224 | static void html_paragraph(struct Blob *ob, struct Blob *text, void *opaque){ |
| 225 | INTER_BLOCK(ob); |
| 226 |
+49
-20
| --- src/wikiformat.c | ||
| +++ src/wikiformat.c | ||
| @@ -1808,25 +1808,36 @@ | ||
| 1808 | 1808 | } |
| 1809 | 1809 | |
| 1810 | 1810 | /* |
| 1811 | 1811 | ** COMMAND: test-markdown-render |
| 1812 | 1812 | ** |
| 1813 | -** Usage: %fossil test-markdown-render FILE | |
| 1813 | +** Usage: %fossil test-markdown-render FILE ... | |
| 1814 | 1814 | ** |
| 1815 | 1815 | ** Render markdown in FILE as HTML on stdout. |
| 1816 | +** Options: | |
| 1817 | +** | |
| 1818 | +** --safe Do "safe-html" rendering. | |
| 1816 | 1819 | */ |
| 1817 | 1820 | void test_markdown_render(void){ |
| 1818 | 1821 | Blob in, out; |
| 1822 | + int i; | |
| 1819 | 1823 | db_find_and_open_repository(OPEN_OK_NOT_FOUND|OPEN_SUBSTITUTE,0); |
| 1824 | + if( find_option("safe",0,0)!=0 ){ | |
| 1825 | + safe_html_enable(1); | |
| 1826 | + } | |
| 1820 | 1827 | verify_all_options(); |
| 1821 | - if( g.argc!=3 ) usage("FILE"); | |
| 1822 | - blob_zero(&out); | |
| 1823 | - blob_read_from_file(&in, g.argv[2], ExtFILE); | |
| 1824 | - markdown_to_html(&in, 0, &out); | |
| 1825 | - blob_write_to_file(&out, "-"); | |
| 1826 | - blob_reset(&in); | |
| 1827 | - blob_reset(&out); | |
| 1828 | + for(i=2; i<g.argc; i++){ | |
| 1829 | + blob_zero(&out); | |
| 1830 | + blob_read_from_file(&in, g.argv[i], ExtFILE); | |
| 1831 | + if( g.argc>3 ){ | |
| 1832 | + fossil_print("<!------ %h ------->\n", g.argv[i]); | |
| 1833 | + } | |
| 1834 | + markdown_to_html(&in, 0, &out); | |
| 1835 | + blob_write_to_file(&out, "-"); | |
| 1836 | + blob_reset(&in); | |
| 1837 | + blob_reset(&out); | |
| 1838 | + } | |
| 1828 | 1839 | } |
| 1829 | 1840 | |
| 1830 | 1841 | /* |
| 1831 | 1842 | ** Search for a <title>...</title> at the beginning of a wiki page. |
| 1832 | 1843 | ** Return true (nonzero) if a title is found. Return zero if there is |
| @@ -2499,39 +2510,57 @@ | ||
| 2499 | 2510 | } |
| 2500 | 2511 | }while( e!=eEnd && p->n>0 ); |
| 2501 | 2512 | } |
| 2502 | 2513 | |
| 2503 | 2514 | /* |
| 2504 | -** Append HTML text to a Blob object. The appended text is modified | |
| 2515 | +** Enable or disable the "safe-html" feature. When enabled, the | |
| 2516 | +** HTML generated by Markdown is adjusted so that it cannot cause | |
| 2517 | +** problems when embedded in a larger document. | |
| 2518 | +*/ | |
| 2519 | +static int safeHtml = 0; | |
| 2520 | +void safe_html_enable(int v){ | |
| 2521 | + safeHtml = v; | |
| 2522 | +} | |
| 2523 | + | |
| 2524 | +/* | |
| 2525 | +** Append HTML text to a Blob object. | |
| 2526 | +** | |
| 2527 | +** If safe-html is enabled then the appended text is modified | |
| 2505 | 2528 | ** changed in the following ways: |
| 2506 | 2529 | ** |
| 2507 | 2530 | ** 1. Omit any elements that are not on the AllowedMarkup list. |
| 2508 | 2531 | ** |
| 2509 | 2532 | ** 2. Omit any attributes that are not on the AllowedMarkup list. |
| 2510 | 2533 | ** |
| 2511 | -** 3. Omit any surplus close-tags. (This prevents a surplus </div> | |
| 2512 | -** or </body> or similar element from interferring with formatting | |
| 2513 | -** of the outer context in which the HTML is being inserted.) | |
| 2534 | +** 3. Omit any surplus close-tags. | |
| 2514 | 2535 | ** |
| 2515 | 2536 | ** 4. Insert additional close-tags as necessary so that any |
| 2516 | -** tag in the input that needs a close-tag has one. (This prevents | |
| 2517 | -** the inserted HTML from messing up the formatting of subsequent | |
| 2518 | -** sections of the document into which it is being inserted.) | |
| 2537 | +** tag in the input that needs a close-tag has one. | |
| 2538 | +** | |
| 2539 | +** This modifications are intended to make the generated HTML safe | |
| 2540 | +** to be embedded in a larger HTML document, such that the embedded | |
| 2541 | +** HTML has no influence on the formatting and operation of the | |
| 2542 | +** larger document. | |
| 2519 | 2543 | ** |
| 2520 | -** The input must be writable. Temporary changes may be made to the | |
| 2521 | -** input, but the input is restored to its original state prior to | |
| 2522 | -** returning. If zHtml[nHtml] is not a zero character, then a zero | |
| 2523 | -** might be written in that position temporarily, but that slot will | |
| 2524 | -** also be restored before this routine returns. | |
| 2544 | +** When safe-html is eanbled, the input to this routine must be writable. | |
| 2545 | +* Temporary changes may be made to the input, but the input is restored | |
| 2546 | +** to its original state prior to returning. If zHtml[nHtml] is not a | |
| 2547 | +** zero character, then a zero might be written in that position | |
| 2548 | +** temporarily, but that slot will also be restored before this routine | |
| 2549 | +** returns. | |
| 2525 | 2550 | */ |
| 2526 | 2551 | void safe_html_append(Blob *pBlob, char *zHtml, int nHtml){ |
| 2527 | 2552 | char cLast; |
| 2528 | 2553 | int i, j, n; |
| 2529 | 2554 | HtmlTagStack s; |
| 2530 | 2555 | ParsedMarkup markup; |
| 2531 | 2556 | |
| 2532 | 2557 | if( nHtml<=0 ) return; |
| 2558 | + if( !safeHtml ){ | |
| 2559 | + blob_append(pBlob, zHtml, nHtml); | |
| 2560 | + return; | |
| 2561 | + } | |
| 2533 | 2562 | cLast = zHtml[nHtml]; |
| 2534 | 2563 | zHtml[nHtml] = 0; |
| 2535 | 2564 | html_tagstack_init(&s); |
| 2536 | 2565 | |
| 2537 | 2566 | i = 0; |
| 2538 | 2567 |
| --- src/wikiformat.c | |
| +++ src/wikiformat.c | |
| @@ -1808,25 +1808,36 @@ | |
| 1808 | } |
| 1809 | |
| 1810 | /* |
| 1811 | ** COMMAND: test-markdown-render |
| 1812 | ** |
| 1813 | ** Usage: %fossil test-markdown-render FILE |
| 1814 | ** |
| 1815 | ** Render markdown in FILE as HTML on stdout. |
| 1816 | */ |
| 1817 | void test_markdown_render(void){ |
| 1818 | Blob in, out; |
| 1819 | db_find_and_open_repository(OPEN_OK_NOT_FOUND|OPEN_SUBSTITUTE,0); |
| 1820 | verify_all_options(); |
| 1821 | if( g.argc!=3 ) usage("FILE"); |
| 1822 | blob_zero(&out); |
| 1823 | blob_read_from_file(&in, g.argv[2], ExtFILE); |
| 1824 | markdown_to_html(&in, 0, &out); |
| 1825 | blob_write_to_file(&out, "-"); |
| 1826 | blob_reset(&in); |
| 1827 | blob_reset(&out); |
| 1828 | } |
| 1829 | |
| 1830 | /* |
| 1831 | ** Search for a <title>...</title> at the beginning of a wiki page. |
| 1832 | ** Return true (nonzero) if a title is found. Return zero if there is |
| @@ -2499,39 +2510,57 @@ | |
| 2499 | } |
| 2500 | }while( e!=eEnd && p->n>0 ); |
| 2501 | } |
| 2502 | |
| 2503 | /* |
| 2504 | ** Append HTML text to a Blob object. The appended text is modified |
| 2505 | ** changed in the following ways: |
| 2506 | ** |
| 2507 | ** 1. Omit any elements that are not on the AllowedMarkup list. |
| 2508 | ** |
| 2509 | ** 2. Omit any attributes that are not on the AllowedMarkup list. |
| 2510 | ** |
| 2511 | ** 3. Omit any surplus close-tags. (This prevents a surplus </div> |
| 2512 | ** or </body> or similar element from interferring with formatting |
| 2513 | ** of the outer context in which the HTML is being inserted.) |
| 2514 | ** |
| 2515 | ** 4. Insert additional close-tags as necessary so that any |
| 2516 | ** tag in the input that needs a close-tag has one. (This prevents |
| 2517 | ** the inserted HTML from messing up the formatting of subsequent |
| 2518 | ** sections of the document into which it is being inserted.) |
| 2519 | ** |
| 2520 | ** The input must be writable. Temporary changes may be made to the |
| 2521 | ** input, but the input is restored to its original state prior to |
| 2522 | ** returning. If zHtml[nHtml] is not a zero character, then a zero |
| 2523 | ** might be written in that position temporarily, but that slot will |
| 2524 | ** also be restored before this routine returns. |
| 2525 | */ |
| 2526 | void safe_html_append(Blob *pBlob, char *zHtml, int nHtml){ |
| 2527 | char cLast; |
| 2528 | int i, j, n; |
| 2529 | HtmlTagStack s; |
| 2530 | ParsedMarkup markup; |
| 2531 | |
| 2532 | if( nHtml<=0 ) return; |
| 2533 | cLast = zHtml[nHtml]; |
| 2534 | zHtml[nHtml] = 0; |
| 2535 | html_tagstack_init(&s); |
| 2536 | |
| 2537 | i = 0; |
| 2538 |
| --- src/wikiformat.c | |
| +++ src/wikiformat.c | |
| @@ -1808,25 +1808,36 @@ | |
| 1808 | } |
| 1809 | |
| 1810 | /* |
| 1811 | ** COMMAND: test-markdown-render |
| 1812 | ** |
| 1813 | ** Usage: %fossil test-markdown-render FILE ... |
| 1814 | ** |
| 1815 | ** Render markdown in FILE as HTML on stdout. |
| 1816 | ** Options: |
| 1817 | ** |
| 1818 | ** --safe Do "safe-html" rendering. |
| 1819 | */ |
| 1820 | void test_markdown_render(void){ |
| 1821 | Blob in, out; |
| 1822 | int i; |
| 1823 | db_find_and_open_repository(OPEN_OK_NOT_FOUND|OPEN_SUBSTITUTE,0); |
| 1824 | if( find_option("safe",0,0)!=0 ){ |
| 1825 | safe_html_enable(1); |
| 1826 | } |
| 1827 | verify_all_options(); |
| 1828 | for(i=2; i<g.argc; i++){ |
| 1829 | blob_zero(&out); |
| 1830 | blob_read_from_file(&in, g.argv[i], ExtFILE); |
| 1831 | if( g.argc>3 ){ |
| 1832 | fossil_print("<!------ %h ------->\n", g.argv[i]); |
| 1833 | } |
| 1834 | markdown_to_html(&in, 0, &out); |
| 1835 | blob_write_to_file(&out, "-"); |
| 1836 | blob_reset(&in); |
| 1837 | blob_reset(&out); |
| 1838 | } |
| 1839 | } |
| 1840 | |
| 1841 | /* |
| 1842 | ** Search for a <title>...</title> at the beginning of a wiki page. |
| 1843 | ** Return true (nonzero) if a title is found. Return zero if there is |
| @@ -2499,39 +2510,57 @@ | |
| 2510 | } |
| 2511 | }while( e!=eEnd && p->n>0 ); |
| 2512 | } |
| 2513 | |
| 2514 | /* |
| 2515 | ** Enable or disable the "safe-html" feature. When enabled, the |
| 2516 | ** HTML generated by Markdown is adjusted so that it cannot cause |
| 2517 | ** problems when embedded in a larger document. |
| 2518 | */ |
| 2519 | static int safeHtml = 0; |
| 2520 | void safe_html_enable(int v){ |
| 2521 | safeHtml = v; |
| 2522 | } |
| 2523 | |
| 2524 | /* |
| 2525 | ** Append HTML text to a Blob object. |
| 2526 | ** |
| 2527 | ** If safe-html is enabled then the appended text is modified |
| 2528 | ** changed in the following ways: |
| 2529 | ** |
| 2530 | ** 1. Omit any elements that are not on the AllowedMarkup list. |
| 2531 | ** |
| 2532 | ** 2. Omit any attributes that are not on the AllowedMarkup list. |
| 2533 | ** |
| 2534 | ** 3. Omit any surplus close-tags. |
| 2535 | ** |
| 2536 | ** 4. Insert additional close-tags as necessary so that any |
| 2537 | ** tag in the input that needs a close-tag has one. |
| 2538 | ** |
| 2539 | ** This modifications are intended to make the generated HTML safe |
| 2540 | ** to be embedded in a larger HTML document, such that the embedded |
| 2541 | ** HTML has no influence on the formatting and operation of the |
| 2542 | ** larger document. |
| 2543 | ** |
| 2544 | ** When safe-html is eanbled, the input to this routine must be writable. |
| 2545 | * Temporary changes may be made to the input, but the input is restored |
| 2546 | ** to its original state prior to returning. If zHtml[nHtml] is not a |
| 2547 | ** zero character, then a zero might be written in that position |
| 2548 | ** temporarily, but that slot will also be restored before this routine |
| 2549 | ** returns. |
| 2550 | */ |
| 2551 | void safe_html_append(Blob *pBlob, char *zHtml, int nHtml){ |
| 2552 | char cLast; |
| 2553 | int i, j, n; |
| 2554 | HtmlTagStack s; |
| 2555 | ParsedMarkup markup; |
| 2556 | |
| 2557 | if( nHtml<=0 ) return; |
| 2558 | if( !safeHtml ){ |
| 2559 | blob_append(pBlob, zHtml, nHtml); |
| 2560 | return; |
| 2561 | } |
| 2562 | cLast = zHtml[nHtml]; |
| 2563 | zHtml[nHtml] = 0; |
| 2564 | html_tagstack_init(&s); |
| 2565 | |
| 2566 | i = 0; |
| 2567 |