mirror of
https://github.com/9001/copyparty.git
synced 2025-11-03 21:43:12 +00:00
341 lines
9.6 KiB
Diff
341 lines
9.6 KiB
Diff
diff --git a/src/Lexer.js b/src/Lexer.js
|
|
--- a/src/Lexer.js
|
|
+++ b/src/Lexer.js
|
|
@@ -5,5 +5,5 @@ const { block, inline } = require('./rules.js');
|
|
/**
|
|
* smartypants text replacement
|
|
- */
|
|
+ *
|
|
function smartypants(text) {
|
|
return text
|
|
@@ -26,5 +26,5 @@ function smartypants(text) {
|
|
/**
|
|
* mangle email addresses
|
|
- */
|
|
+ *
|
|
function mangle(text) {
|
|
let out = '',
|
|
@@ -439,5 +439,5 @@ module.exports = class Lexer {
|
|
|
|
// autolink
|
|
- if (token = this.tokenizer.autolink(src, mangle)) {
|
|
+ if (token = this.tokenizer.autolink(src)) {
|
|
src = src.substring(token.raw.length);
|
|
tokens.push(token);
|
|
@@ -446,5 +446,5 @@ module.exports = class Lexer {
|
|
|
|
// url (gfm)
|
|
- if (!inLink && (token = this.tokenizer.url(src, mangle))) {
|
|
+ if (!inLink && (token = this.tokenizer.url(src))) {
|
|
src = src.substring(token.raw.length);
|
|
tokens.push(token);
|
|
@@ -453,5 +453,5 @@ module.exports = class Lexer {
|
|
|
|
// text
|
|
- if (token = this.tokenizer.inlineText(src, inRawBlock, smartypants)) {
|
|
+ if (token = this.tokenizer.inlineText(src, inRawBlock)) {
|
|
src = src.substring(token.raw.length);
|
|
tokens.push(token);
|
|
diff --git a/src/Renderer.js b/src/Renderer.js
|
|
--- a/src/Renderer.js
|
|
+++ b/src/Renderer.js
|
|
@@ -140,5 +140,5 @@ module.exports = class Renderer {
|
|
|
|
link(href, title, text) {
|
|
- href = cleanUrl(this.options.sanitize, this.options.baseUrl, href);
|
|
+ href = cleanUrl(this.options.baseUrl, href);
|
|
if (href === null) {
|
|
return text;
|
|
@@ -153,5 +153,5 @@ module.exports = class Renderer {
|
|
|
|
image(href, title, text) {
|
|
- href = cleanUrl(this.options.sanitize, this.options.baseUrl, href);
|
|
+ href = cleanUrl(this.options.baseUrl, href);
|
|
if (href === null) {
|
|
return text;
|
|
diff --git a/src/Tokenizer.js b/src/Tokenizer.js
|
|
--- a/src/Tokenizer.js
|
|
+++ b/src/Tokenizer.js
|
|
@@ -287,11 +287,8 @@ module.exports = class Tokenizer {
|
|
if (cap) {
|
|
return {
|
|
- type: this.options.sanitize
|
|
- ? 'paragraph'
|
|
- : 'html',
|
|
+ type: 'html',
|
|
raw: cap[0],
|
|
- pre: !this.options.sanitizer
|
|
- && (cap[1] === 'pre' || cap[1] === 'script' || cap[1] === 'style'),
|
|
- text: this.options.sanitize ? (this.options.sanitizer ? this.options.sanitizer(cap[0]) : escape(cap[0])) : cap[0]
|
|
+ pre: cap[1] === 'pre' || cap[1] === 'script' || cap[1] === 'style',
|
|
+ text: cap[0]
|
|
};
|
|
}
|
|
@@ -421,15 +418,9 @@ module.exports = class Tokenizer {
|
|
|
|
return {
|
|
- type: this.options.sanitize
|
|
- ? 'text'
|
|
- : 'html',
|
|
+ type: 'html',
|
|
raw: cap[0],
|
|
inLink,
|
|
inRawBlock,
|
|
- text: this.options.sanitize
|
|
- ? (this.options.sanitizer
|
|
- ? this.options.sanitizer(cap[0])
|
|
- : escape(cap[0]))
|
|
- : cap[0]
|
|
+ text: cap[0]
|
|
};
|
|
}
|
|
@@ -550,10 +541,10 @@ module.exports = class Tokenizer {
|
|
}
|
|
|
|
- autolink(src, mangle) {
|
|
+ autolink(src) {
|
|
const cap = this.rules.inline.autolink.exec(src);
|
|
if (cap) {
|
|
let text, href;
|
|
if (cap[2] === '@') {
|
|
- text = escape(this.options.mangle ? mangle(cap[1]) : cap[1]);
|
|
+ text = escape(cap[1]);
|
|
href = 'mailto:' + text;
|
|
} else {
|
|
@@ -578,10 +569,10 @@ module.exports = class Tokenizer {
|
|
}
|
|
|
|
- url(src, mangle) {
|
|
+ url(src) {
|
|
let cap;
|
|
if (cap = this.rules.inline.url.exec(src)) {
|
|
let text, href;
|
|
if (cap[2] === '@') {
|
|
- text = escape(this.options.mangle ? mangle(cap[0]) : cap[0]);
|
|
+ text = escape(cap[0]);
|
|
href = 'mailto:' + text;
|
|
} else {
|
|
@@ -615,12 +606,12 @@ module.exports = class Tokenizer {
|
|
}
|
|
|
|
- inlineText(src, inRawBlock, smartypants) {
|
|
+ inlineText(src, inRawBlock) {
|
|
const cap = this.rules.inline.text.exec(src);
|
|
if (cap) {
|
|
let text;
|
|
if (inRawBlock) {
|
|
- text = this.options.sanitize ? (this.options.sanitizer ? this.options.sanitizer(cap[0]) : escape(cap[0])) : cap[0];
|
|
+ text = cap[0];
|
|
} else {
|
|
- text = escape(this.options.smartypants ? smartypants(cap[0]) : cap[0]);
|
|
+ text = escape(cap[0]);
|
|
}
|
|
return {
|
|
diff --git a/src/defaults.js b/src/defaults.js
|
|
--- a/src/defaults.js
|
|
+++ b/src/defaults.js
|
|
@@ -8,12 +8,8 @@ function getDefaults() {
|
|
highlight: null,
|
|
langPrefix: 'language-',
|
|
- mangle: true,
|
|
pedantic: false,
|
|
renderer: null,
|
|
- sanitize: false,
|
|
- sanitizer: null,
|
|
silent: false,
|
|
smartLists: false,
|
|
- smartypants: false,
|
|
tokenizer: null,
|
|
walkTokens: null,
|
|
diff --git a/src/helpers.js b/src/helpers.js
|
|
--- a/src/helpers.js
|
|
+++ b/src/helpers.js
|
|
@@ -64,18 +64,5 @@ function edit(regex, opt) {
|
|
const nonWordAndColonTest = /[^\w:]/g;
|
|
const originIndependentUrl = /^$|^[a-z][a-z0-9+.-]*:|^[?#]/i;
|
|
-function cleanUrl(sanitize, base, href) {
|
|
- if (sanitize) {
|
|
- let prot;
|
|
- try {
|
|
- prot = decodeURIComponent(unescape(href))
|
|
- .replace(nonWordAndColonTest, '')
|
|
- .toLowerCase();
|
|
- } catch (e) {
|
|
- return null;
|
|
- }
|
|
- if (prot.indexOf('javascript:') === 0 || prot.indexOf('vbscript:') === 0 || prot.indexOf('data:') === 0) {
|
|
- return null;
|
|
- }
|
|
- }
|
|
+function cleanUrl(base, href) {
|
|
if (base && !originIndependentUrl.test(href)) {
|
|
href = resolveUrl(base, href);
|
|
@@ -223,10 +210,4 @@ function findClosingBracket(str, b) {
|
|
}
|
|
|
|
-function checkSanitizeDeprecation(opt) {
|
|
- if (opt && opt.sanitize && !opt.silent) {
|
|
- console.warn('marked(): sanitize and sanitizer parameters are deprecated since version 0.7.0, should not be used and will be removed in the future. Read more here: https://marked.js.org/#/USING_ADVANCED.md#options');
|
|
- }
|
|
-}
|
|
-
|
|
module.exports = {
|
|
escape,
|
|
@@ -239,5 +220,4 @@ module.exports = {
|
|
splitCells,
|
|
rtrim,
|
|
- findClosingBracket,
|
|
- checkSanitizeDeprecation
|
|
+ findClosingBracket
|
|
};
|
|
diff --git a/src/marked.js b/src/marked.js
|
|
--- a/src/marked.js
|
|
+++ b/src/marked.js
|
|
@@ -7,5 +7,4 @@ const Slugger = require('./Slugger.js');
|
|
const {
|
|
merge,
|
|
- checkSanitizeDeprecation,
|
|
escape
|
|
} = require('./helpers.js');
|
|
@@ -35,5 +34,4 @@ function marked(src, opt, callback) {
|
|
|
|
opt = merge({}, marked.defaults, opt || {});
|
|
- checkSanitizeDeprecation(opt);
|
|
|
|
if (callback) {
|
|
@@ -108,5 +106,5 @@ function marked(src, opt, callback) {
|
|
return Parser.parse(tokens, opt);
|
|
} catch (e) {
|
|
- e.message += '\nPlease report this to https://github.com/markedjs/marked.';
|
|
+ e.message += '\nmake issue @ https://github.com/9001/copyparty';
|
|
if (opt.silent) {
|
|
return '<p>An error occurred:</p><pre>'
|
|
diff --git a/test/bench.js b/test/bench.js
|
|
--- a/test/bench.js
|
|
+++ b/test/bench.js
|
|
@@ -33,5 +33,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: false,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
@@ -45,5 +44,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: false,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
@@ -58,5 +56,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: false,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
@@ -70,5 +67,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: false,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
@@ -83,5 +79,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: true,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
@@ -95,5 +90,4 @@ async function runBench(options) {
|
|
breaks: false,
|
|
pedantic: true,
|
|
- sanitize: false,
|
|
smartLists: false
|
|
});
|
|
diff --git a/test/specs/run-spec.js b/test/specs/run-spec.js
|
|
--- a/test/specs/run-spec.js
|
|
+++ b/test/specs/run-spec.js
|
|
@@ -22,8 +22,4 @@ function runSpecs(title, dir, showCompletionTable, options) {
|
|
}
|
|
|
|
- if (spec.options.sanitizer) {
|
|
- // eslint-disable-next-line no-eval
|
|
- spec.options.sanitizer = eval(spec.options.sanitizer);
|
|
- }
|
|
|
|
(spec.only ? fit : (spec.skip ? xit : it))('should ' + passFail + example, async() => {
|
|
@@ -53,3 +49,2 @@ runSpecs('Original', './original', false, { gfm: false, pedantic: true });
|
|
runSpecs('New', './new');
|
|
runSpecs('ReDOS', './redos');
|
|
-runSpecs('Security', './security', false, { silent: true }); // silent - do not show deprecation warning
|
|
diff --git a/test/unit/Lexer-spec.js b/test/unit/Lexer-spec.js
|
|
--- a/test/unit/Lexer-spec.js
|
|
+++ b/test/unit/Lexer-spec.js
|
|
@@ -465,5 +465,5 @@ a | b
|
|
});
|
|
|
|
- it('sanitize', () => {
|
|
+ /*it('sanitize', () => {
|
|
expectTokens({
|
|
md: '<div>html</div>',
|
|
@@ -483,5 +483,5 @@ a | b
|
|
]
|
|
});
|
|
- });
|
|
+ });*/
|
|
});
|
|
|
|
@@ -587,5 +587,5 @@ a | b
|
|
});
|
|
|
|
- it('html sanitize', () => {
|
|
+ /*it('html sanitize', () => {
|
|
expectInlineTokens({
|
|
md: '<div>html</div>',
|
|
@@ -597,5 +597,5 @@ a | b
|
|
]
|
|
});
|
|
- });
|
|
+ });*/
|
|
|
|
it('link', () => {
|
|
@@ -909,5 +909,5 @@ a | b
|
|
});
|
|
|
|
- it('autolink mangle email', () => {
|
|
+ /*it('autolink mangle email', () => {
|
|
expectInlineTokens({
|
|
md: '<test@example.com>',
|
|
@@ -929,5 +929,5 @@ a | b
|
|
]
|
|
});
|
|
- });
|
|
+ });*/
|
|
|
|
it('url', () => {
|
|
@@ -966,5 +966,5 @@ a | b
|
|
});
|
|
|
|
- it('url mangle email', () => {
|
|
+ /*it('url mangle email', () => {
|
|
expectInlineTokens({
|
|
md: 'test@example.com',
|
|
@@ -986,5 +986,5 @@ a | b
|
|
]
|
|
});
|
|
- });
|
|
+ });*/
|
|
});
|
|
|
|
@@ -1002,5 +1002,5 @@ a | b
|
|
});
|
|
|
|
- describe('smartypants', () => {
|
|
+ /*describe('smartypants', () => {
|
|
it('single quotes', () => {
|
|
expectInlineTokens({
|
|
@@ -1072,5 +1072,5 @@ a | b
|
|
});
|
|
});
|
|
- });
|
|
+ });*/
|
|
});
|
|
});
|