1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-04 08:17:24 -05:00
gitea/modules
Alexander Scheel ee7df7ba8c Markdown: Sanitizier Configuration (#9075)
* Support custom sanitization policy

Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: #9054

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Document new sanitization configuration

 - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Drop extraneous length check in newMarkupSanitizer(...)

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Fix plural ELEMENT and ALLOW_ATTR in docs

These were left over from their initial names. Make them singular to
conform with the current expectations.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2019-12-07 14:49:04 -05:00
..
auth Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) 2019-12-03 20:08:56 -05:00
avatar Improve handling of non-square avatars (#7025) 2019-05-25 14:46:14 +03:00
base Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
cache Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
charset Reduce test sensibility (#8393) 2019-10-07 01:49:14 -04:00
context Fix nil context user (#9099) 2019-11-20 19:44:35 +00:00
convert [Bug] [API] Add language to user api (#9215) 2019-11-30 11:18:40 -05:00
cron Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751) 2019-10-14 09:10:42 +03:00
generate Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
git Graceful: Cancel Process on monitor pages & HammerTime (#9213) 2019-11-30 16:40:22 +02:00
gitgraph Move git graph from models to modules/graph (#9027) 2019-11-16 08:47:57 +08:00
graceful Add comment to exported function WindowsServiceName (make revive) (#9241) 2019-12-03 19:16:29 -05:00
highlight Add a lot of extension to language mappings for syntax highlights (#7741) 2019-08-05 23:48:31 +08:00
httplib Add golangci (#6418) 2019-06-12 15:41:28 -04:00
indexer upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
lfs Add basic repository lfs management (#7199) 2019-10-28 18:31:55 +00:00
log Fix data race (#8204) 2019-09-17 12:39:37 +03:00
markup Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
metrics Prometheus endpoint (#5256) 2018-11-04 22:20:00 -05:00
migrations Add retry for migration http/https requests (#9019) 2019-11-16 16:30:06 +08:00
notification Move mirror sync actions to notification (#9022) 2019-11-24 00:16:59 -05:00
options Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
password Add password requirement info on error (#9074) 2019-11-19 22:44:58 +00:00
pprof Add golangci (#6418) 2019-06-12 15:41:28 -04:00
private Allow Protected Branches to Whitelist Deploy Keys (#8483) 2019-10-21 09:21:45 +01:00
process Graceful: Cancel Process on monitor pages & HammerTime (#9213) 2019-11-30 16:40:22 +02:00
public Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
recaptcha fixed reCAPTCHA URL (#9083) 2019-11-22 08:03:45 +00:00
references Alternate syntax for cross references (#9116) 2019-12-01 15:57:05 +02:00
repofiles Move UpdateIssuesCommit from models to repofiles (#9276) 2019-12-07 23:52:36 +08:00
search Global code search support (#3664) 2018-03-16 22:04:33 +08:00
secret Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
session Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
setting Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
ssh Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964) 2019-11-21 13:32:02 -05:00
structs Add release_counter to Repo API (#9214) 2019-11-30 14:28:47 -05:00
sync Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
task Fix bug when migrate from API (#8631) 2019-11-08 17:21:00 -05:00
templates Add USE_SERVICE_WORKER setting (#9110) 2019-11-21 15:06:23 -05:00
test Add Close() method to gogitRepository (#8901) 2019-11-13 07:01:19 +00:00
timeutil Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
upload Fix upload file type check (#7890) 2019-08-17 13:10:17 +03:00
user Add golangci (#6418) 2019-06-12 15:41:28 -04:00
util Convert EOL to UNIX-style to render MD properly (#8925) 2019-11-13 03:27:11 +01:00
validation Implement webhook branch filter (#7791) 2019-09-09 08:48:21 +03:00
webhook Make consistent links to repository in the Slack/Mattermost notificiations (#9205) 2019-11-30 12:23:37 +02:00