marked/src/helpers.ts

/**
 * Helpers
 */
const escapeTest = /[&<>"']/;
const escapeReplace = new RegExp(escapeTest.source, 'g');
const escapeTestNoEncode = /[<>"']|&(?!(#\d{1,7}|#[Xx][a-fA-F0-9]{1,6}|\w+);)/;
const escapeReplaceNoEncode = new RegExp(escapeTestNoEncode.source, 'g');
const escapeReplacements: {[index: string]: string} = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;'
};
const getEscapeReplacement = (ch: string) => escapeReplacements[ch];

export function escape(html: string, encode?: boolean) {
  if (encode) {
    if (escapeTest.test(html)) {
      return html.replace(escapeReplace, getEscapeReplacement);
    }
  } else {
    if (escapeTestNoEncode.test(html)) {
      return html.replace(escapeReplaceNoEncode, getEscapeReplacement);
    }
  }

  return html;
}

const unescapeTest = /&(#(?:\d+)|(?:#x[0-9A-Fa-f]+)|(?:\w+));?/ig;

export function unescape(html: string) {
  // explicitly match decimal, hex, and named HTML entities
  return html.replace(unescapeTest, (_, n) => {
    n = n.toLowerCase();
    if (n === 'colon') return ':';
    if (n.charAt(0) === '#') {
      return n.charAt(1) === 'x'
        ? String.fromCharCode(parseInt(n.substring(2), 16))
        : String.fromCharCode(+n.substring(1));
    }
    return '';
  });
}

const caret = /(^|[^\[])\^/g;

export function edit(regex: string | RegExp, opt?: string) {
  let source = typeof regex === 'string' ? regex : regex.source;
  opt = opt || '';
  const obj = {
    replace: (name: string | RegExp, val: string | RegExp) => {
      let valSource = typeof val === 'string' ? val : val.source;
      valSource = valSource.replace(caret, '$1');
      source = source.replace(name, valSource);
      return obj;
    },
    getRegex: () => {
      return new RegExp(source, opt);
    }
  };
  return obj;
}

export function cleanUrl(href: string) {
  try {
    href = encodeURI(href).replace(/%25/g, '%');
  } catch (e) {
    return null;
  }
  return href;
}

export const noopTest = { exec: () => null } as unknown as RegExp;

export function splitCells(tableRow: string, count?: number) {
  // ensure that every cell-delimiting pipe has a space
  // before it to distinguish it from an escaped pipe
  const row = tableRow.replace(/\|/g, (match, offset, str) => {
      let escaped = false;
      let curr = offset;
      while (--curr >= 0 && str[curr] === '\\') escaped = !escaped;
      if (escaped) {
        // odd number of slashes means | is escaped
        // so we leave it alone
        return '|';
      } else {
        // add space before unescaped |
        return ' |';
      }
    }),
    cells = row.split(/ \|/);
  let i = 0;

  // First/last cell in a row cannot be empty if it has no leading/trailing pipe
  if (!cells[0].trim()) {
    cells.shift();
  }
  if (cells.length > 0 && !cells[cells.length - 1].trim()) {
    cells.pop();
  }

  if (count) {
    if (cells.length > count) {
      cells.splice(count);
    } else {
      while (cells.length < count) cells.push('');
    }
  }

  for (; i < cells.length; i++) {
    // leading or trailing whitespace is ignored per the gfm spec
    cells[i] = cells[i].trim().replace(/\\\|/g, '|');
  }
  return cells;
}

/**
 * Remove trailing 'c's. Equivalent to str.replace(/c*$/, '').
 * /c*$/ is vulnerable to REDOS.
 *
 * @param str
 * @param c
 * @param invert Remove suffix of non-c chars instead. Default falsey.
 */
export function rtrim(str: string, c: string, invert?: boolean) {
  const l = str.length;
  if (l === 0) {
    return '';
  }

  // Length of suffix matching the invert condition.
  let suffLen = 0;

  // Step left until we fail to match the invert condition.
  while (suffLen < l) {
    const currChar = str.charAt(l - suffLen - 1);
    if (currChar === c && !invert) {
      suffLen++;
    } else if (currChar !== c && invert) {
      suffLen++;
    } else {
      break;
    }
  }

  return str.slice(0, l - suffLen);
}

export function findClosingBracket(str: string, b: string) {
  if (str.indexOf(b[1]) === -1) {
    return -1;
  }

  let level = 0;
  for (let i = 0; i < str.length; i++) {
    if (str[i] === '\\') {
      i++;
    } else if (str[i] === b[0]) {
      level++;
    } else if (str[i] === b[1]) {
      level--;
      if (level < 0) {
        return i;
      }
    }
  }
  return -1;
}
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`/**`
			`* Helpers`
			`*/`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`const escapeTest = /[&<>"']/;`
fix: fix entity specs (#2652) 2022-11-20 10:05:26 -06:00			`const escapeReplace = new RegExp(escapeTest.source, 'g');`
			`const escapeTestNoEncode = /[<>"']\|&(?!(#\d{1,7}\|#[Xx][a-fA-F0-9]{1,6}\|\w+);)/;`
			`const escapeReplaceNoEncode = new RegExp(escapeTestNoEncode.source, 'g');`
fix: noImplicitAny: true (#2891) 2023-08-09 23:33:46 -06:00			`const escapeReplacements: {[index: string]: string} = {`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`'&': '&',`
			`'<': '<',`
			`'>': '>',`
			`'"': '"',`
			`"'": '''`
			`};`
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`const getEscapeReplacement = (ch: string) => escapeReplacements[ch];`

			`export function escape(html: string, encode?: boolean) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`if (encode) {`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`if (escapeTest.test(html)) {`
			`return html.replace(escapeReplace, getEscapeReplacement);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`
			`} else {`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`if (escapeTestNoEncode.test(html)) {`
			`return html.replace(escapeReplaceNoEncode, getEscapeReplacement);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`
			`}`

			`return html;`
			`}`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00
			`const unescapeTest = /&(#(?:\d+)\|(?:#x[0-9A-Fa-f]+)\|(?:\w+));?/ig;`
use commonjs and es6 classes 2019-11-06 11:11:06 -06:00
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`export function unescape(html: string) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`// explicitly match decimal, hex, and named HTML entities`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`return html.replace(unescapeTest, (_, n) => {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`n = n.toLowerCase();`
			`if (n === 'colon') return ':';`
			`if (n.charAt(0) === '#') {`
			`return n.charAt(1) === 'x'`
			`? String.fromCharCode(parseInt(n.substring(2), 16))`
			`: String.fromCharCode(+n.substring(1));`
			`}`
			`return '';`
			`});`
			`}`

Remove static properties from helpers 2019-12-04 21:14:51 +01:00			`const caret = /(^\|[^\[])\^/g;`
chore: added some jsdoc (#2418) * added some jsdoc * Update src/helpers.js Co-authored-by: Tony Brix <tony@brix.ninja> * Update src/Renderer.js Co-authored-by: Tony Brix <tony@brix.ninja> Co-authored-by: Tony Brix <tony@brix.ninja> 2022-03-30 17:42:54 +02:00
fix: clean up rules so they can be typed (#3087) BREAKING CHANGE: Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed. 2023-11-28 20:56:27 -07:00			`export function edit(regex: string \| RegExp, opt?: string) {`
			`let source = typeof regex === 'string' ? regex : regex.source;`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`opt = opt \|\| '';`
clean up code 2019-11-07 12:46:32 -06:00			`const obj = {`
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`replace: (name: string \| RegExp, val: string \| RegExp) => {`
fix: clean up rules so they can be typed (#3087) BREAKING CHANGE: Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed. 2023-11-28 20:56:27 -07:00			`let valSource = typeof val === 'string' ? val : val.source;`
			`valSource = valSource.replace(caret, '$1');`
			`source = source.replace(name, valSource);`
clean up code 2019-11-07 12:46:32 -06:00			`return obj;`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`},`
clean up code 2019-11-07 12:46:32 -06:00			`getRegex: () => {`
fix: clean up rules so they can be typed (#3087) BREAKING CHANGE: Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed. 2023-11-28 20:56:27 -07:00			`return new RegExp(source, opt);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`
			`};`
clean up code 2019-11-07 12:46:32 -06:00			`return obj;`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`

fix: remove deprecated options (#2936) BREAKING CHANGE: deprecated options removed. See https://marked.js.org/using_advanced#options to see how to enable the removed options with extensions. 2023-09-02 22:02:24 -06:00			`export function cleanUrl(href: string) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`try {`
			`href = encodeURI(href).replace(/%25/g, '%');`
			`} catch (e) {`
			`return null;`
			`}`
			`return href;`
			`}`
Remove static properties from helpers 2019-12-04 21:14:51 +01:00
fix: clean up rules so they can be typed (#3087) BREAKING CHANGE: Lexer.rules object has been changed so it can be properly types. Some intermediate rules have been removed. 2023-11-28 20:56:27 -07:00			`export const noopTest = { exec: () => null } as unknown as RegExp;`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00
fix: noImplicitAny: true (#2891) 2023-08-09 23:33:46 -06:00			`export function splitCells(tableRow: string, count?: number) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`// ensure that every cell-delimiting pipe has a space`
			`// before it to distinguish it from an escaped pipe`
clean up code 2019-11-07 12:46:32 -06:00			`const row = tableRow.replace(/\\|/g, (match, offset, str) => {`
fix: fix more types (#2893) Co-authored-by: Steven <steven@ceriously.com> 2023-08-19 16:55:56 -06:00			`let escaped = false;`
			`let curr = offset;`
use commonjs and es6 classes 2019-11-06 11:11:06 -06:00			`while (--curr >= 0 && str[curr] === '\\') escaped = !escaped;`
			`if (escaped) {`
			`// odd number of slashes means \| is escaped`
			`// so we leave it alone`
			`return '\|';`
			`} else {`
			`// add space before unescaped \|`
			`return ' \|';`
			`}`
			`}),`
			`cells = row.split(/ \\|/);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`let i = 0;`

Tokenizers lex their own child tokens (#2124) BREAKING CHANGES: - Tokenizers will create their own tokens with `this.lexer.inline(text, tokens)`. The `inline` function will queue the token creation until after all block tokens are rendered. - `nptable` tokenizer is removed and merged with `table` tokenizer. - Extensions tokenizer `this` object will include the `lexer` as a property. `this.inlineTokens` becomes `this.lexer.inline`. - Extensions parser `this` object will include the `parser` as a property. `this.parseInline` becomes `this.parser.parseInline`. - `tag` and `inlineText` tokenizer function signatures have changed. 2021-08-02 15:12:43 -04:00			`// First/last cell in a row cannot be empty if it has no leading/trailing pipe`
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`if (!cells[0].trim()) {`
			`cells.shift();`
			`}`
			`if (cells.length > 0 && !cells[cells.length - 1].trim()) {`
			`cells.pop();`
			`}`
Tokenizers lex their own child tokens (#2124) BREAKING CHANGES: - Tokenizers will create their own tokens with `this.lexer.inline(text, tokens)`. The `inline` function will queue the token creation until after all block tokens are rendered. - `nptable` tokenizer is removed and merged with `table` tokenizer. - Extensions tokenizer `this` object will include the `lexer` as a property. `this.inlineTokens` becomes `this.lexer.inline`. - Extensions parser `this` object will include the `parser` as a property. `this.parseInline` becomes `this.parser.parseInline`. - `tag` and `inlineText` tokenizer function signatures have changed. 2021-08-02 15:12:43 -04:00
fix: noImplicitAny: true (#2891) 2023-08-09 23:33:46 -06:00			`if (count) {`
			`if (cells.length > count) {`
			`cells.splice(count);`
			`} else {`
			`while (cells.length < count) cells.push('');`
			`}`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`

			`for (; i < cells.length; i++) {`
			`// leading or trailing whitespace is ignored per the gfm spec`
			`cells[i] = cells[i].trim().replace(/\\\\|/g, '\|');`
			`}`
			`return cells;`
			`}`

chore: added some jsdoc (#2418) * added some jsdoc * Update src/helpers.js Co-authored-by: Tony Brix <tony@brix.ninja> * Update src/Renderer.js Co-authored-by: Tony Brix <tony@brix.ninja> Co-authored-by: Tony Brix <tony@brix.ninja> 2022-03-30 17:42:54 +02:00			`/**`
			`* Remove trailing 'c's. Equivalent to str.replace(/c*$/, '').`
			`* /c*$/ is vulnerable to REDOS.`
			`*`
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`* @param str`
			`* @param c`
			`* @param invert Remove suffix of non-c chars instead. Default falsey.`
chore: added some jsdoc (#2418) * added some jsdoc * Update src/helpers.js Co-authored-by: Tony Brix <tony@brix.ninja> * Update src/Renderer.js Co-authored-by: Tony Brix <tony@brix.ninja> Co-authored-by: Tony Brix <tony@brix.ninja> 2022-03-30 17:42:54 +02:00			`*/`
fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`export function rtrim(str: string, c: string, invert?: boolean) {`
use commonjs and es6 classes 2019-11-06 11:11:06 -06:00			`const l = str.length;`
			`if (l === 0) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`return '';`
			`}`

			`// Length of suffix matching the invert condition.`
			`let suffLen = 0;`

			`// Step left until we fail to match the invert condition.`
use commonjs and es6 classes 2019-11-06 11:11:06 -06:00			`while (suffLen < l) {`
			`const currChar = str.charAt(l - suffLen - 1);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`if (currChar === c && !invert) {`
			`suffLen++;`
			`} else if (currChar !== c && invert) {`
			`suffLen++;`
			`} else {`
			`break;`
			`}`
			`}`

chore: replace deprecated String.prototype.substr() (#2413) 2022-03-19 06:11:14 +01:00			`return str.slice(0, l - suffLen);`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`}`

fix: Migrate to Typescript (#2805) BREAKING CHANGE: Migrate to Typescript 2023-07-29 08:31:34 +02:00			`export function findClosingBracket(str: string, b: string) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`if (str.indexOf(b[1]) === -1) {`
			`return -1;`
			`}`
fix: fix more types (#2893) Co-authored-by: Steven <steven@ceriously.com> 2023-08-19 16:55:56 -06:00
			`let level = 0;`
			`for (let i = 0; i < str.length; i++) {`
move marked to es modules in ./src folder 2019-11-05 15:29:42 -06:00			`if (str[i] === '\\') {`
			`i++;`
			`} else if (str[i] === b[0]) {`
			`level++;`
			`} else if (str[i] === b[1]) {`
			`level--;`
			`if (level < 0) {`
			`return i;`
			`}`
			`}`
			`}`
			`return -1;`
			`}`