codewalker/marked
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity
1,381 Commits 1 Branch 191 Tags
Commit Graph

536 Commits

Author SHA1 Message Date
barrywoolgar
a4460a9301
Updated inline grammer regexes for strong and em 
Attempt to match special case single character matches before the more permissive standard regexes
 2018-08-02 18:27:40 +01:00
Josh Bruce
706e07dbad
Merge pull request #1304 from UziTech/loose-lists 
loose lists
 2018-07-14 18:33:29 -04:00
Steven
c7d487e452
Merge pull request #1258 from tomtheisen/gfm-strike 
GFM strikethrough compatibility
 2018-07-09 12:34:01 -04:00
Steven
51cd03f525
Merge pull request #1305 from Trott/enable-468 
enable CommonMark spec 468
 2018-07-06 15:46:55 -04:00
Steven
2f86d9439f
Merge pull request #1303 from aduh95/patch-1 
add hard line break when backslash at EOL
 2018-07-06 15:42:28 -04:00
Steven
485fcae321
Merge pull request #1293 from Trott/trailing-period 
fix gfm extended autolinking requiring multiple backpedals
 2018-07-05 09:55:57 -04:00
Rich Trott
9c976cda1c enable CommonMark spec 468 
A minor adjustment to the href-matching regexp permits CommonMark spec
468 to pass. All other passing specs are unaffected.

The regexp was incorrectly excluding parentheses as valid characters in
a URL.
 2018-07-03 11:43:01 -07:00
Tony Brix
b167cd410c remove loose_item_start token 
fixes #469
 2018-07-03 08:33:51 -05:00
Tony Brix
a22ef0f4a4 loose lists 2018-07-03 08:23:03 -05:00
Antoine du Hamel
47cf2b2cf2
add hard line break when backslash at EOL 
A backslash at the end of the line is a hard line break.

Ref: https://spec.commonmark.org/0.28/#example-293
 2018-07-03 10:43:21 +02:00
Rich Trott
04e04b10d4 fix issues link references and prototypes 
Link with names that clashed with properties inherited from the
Object prototype (such as "constructor") were not expanding. This fixes
this issue.

Before this change, markdown of this form...:

    Link: [constructor][].

    [constructor]: https://example.org/

...resulted in HTML output of this form:

    <p>Link: [constructor][].</p>

With this change, it now renders as expected:

    <p>Link: <a href="https://example.org/">constructor</a>.</p>
 2018-06-28 13:41:43 -07:00
Rich Trott
a3cddeeae6 fix gfm extended autolinking requiring multiple backpedals 
Add a test and fix that trailing punctuation is omitted in link URLs for
markdown like this:

    (See https://www.example.com/fhqwhgads.)

The trailing period and closing parenthesis should not be part of the
link URL.
 2018-06-22 13:51:48 -07:00
Steven
05e322c69b
Merge pull request #1262 from UziTech/table-cells 
Fix table cells
 2018-06-12 11:49:29 -04:00
Tony Brix
898f61294d add comments for clarity 2018-06-04 15:23:55 -05:00
Steven
37a9f1f742
Merge pull request #1260 from davisjam/Rtrim 
security: use rtrim, not unsafe /X+$/
 2018-06-03 15:26:46 -04:00
Jamie Davis
0610f9f9a4 remove unnecessary if check 2018-06-02 14:12:17 -04:00
Jamie Davis
2e05c777ac address review comments 2018-06-02 01:24:55 -04:00
Steven
0bc2fc5b6d
Merge pull request #1265 from remyrylan/master 
CommonMark code block class names
 2018-05-11 13:29:38 -04:00
Remy Rylan
6ab2593530 Remove extra inner linebreak from code blocks 2018-05-11 11:20:29 -04:00
Remy Rylan
7b1d0be249 Update fenced code blocks to CommonMark standard 2018-05-11 11:12:12 -04:00
Tony Brix
2c17a5a1ec test pass 2018-05-09 16:27:30 -05:00
Jamie Davis
7e5a72703d security: rtrim, not unsafe /X+$/ idiom 
Problem:
replace(/X+$/, '') is vulnerable to REDOS

Solution:
Replace all instances I could find with a custom rtrim
 2018-05-09 11:07:20 -04:00
Tom Theisen
22b17fec26 Merge branch 'master' of https://github.com/markedjs/marked into gfm-strike 2018-05-08 20:32:01 -07:00
Steven
42c3915242
Merge pull request #1250 from tomtheisen/gfm-tasks 
GFM compliance for tasks lists
 2018-05-08 11:26:46 -04:00
Tom Theisen
1420eb3435 Strikethrough support for GFM 2018-05-05 08:21:32 -07:00
Tom Theisen
b083a1a307 space following task checkbox 2018-05-03 19:52:57 -07:00
Tom Theisen
aa73bb6ea7 add space to task regex and disable xhtml for gfm testing 2018-05-03 19:51:31 -07:00
Tom Theisen
7482990131 GFM compliance for tasks 2018-05-02 20:17:13 -07:00
Tony Brix
9d5ecbe565 fix paragraph 2018-05-02 12:05:36 -05:00
Tony Brix
ee463d4267 add back q mark 2018-05-02 08:41:30 -05:00
Tom Theisen
b78deebfcf lint 2018-04-30 20:11:43 -07:00
Tom Theisen
be922cecdd GFM table compliance 2018-04-30 20:11:01 -07:00
Tom Theisen
e4973edfed lint 2018-04-24 21:20:10 -07:00
Tom Theisen
bbdf191931 handle escaped pipes in gfm tables 2018-04-24 21:19:14 -07:00
Tony Brix
6869998638 set title to empty string 2018-04-17 13:27:18 -05:00
Tony Brix
5aed7249b1 remove () around pedantic title 2018-04-17 09:43:47 -05:00
Tony Brix
5bc83ea8a6 fix href < 2018-04-16 22:16:36 -05:00
Tony Brix
4b7cfbe8f2 remove unnecessary trim 2018-04-16 22:05:02 -05:00
Tony Brix
090debd9b4 move processing 2018-04-16 21:51:28 -05:00
Jamie Davis
5ab4ae3649 security: replace vulnerable regex with parser (#1223) 
* security: replace vulnerable regex with parser

Problem: link regex was vulnerable
Solution: dedicated parser

Fixes: #1222
 2018-04-16 20:21:12 -04:00
Jamie Davis
f052a2c04e security: fix unsafe heading regex 
Problem:
REDOS could be triggered through exploitation of the 'heading' regex.

Solution:
Refactor regex. It matches the same language as before but
is less vulnerable to REDOS.
It is now safe using the bounds suggested by those disclosing it.
It remains super-linear but a successful exploit requires
a much longer attack string.

Fixes:
Issue disclosed privately.

Credit:
This issue was pointed out by
Nick Starke and Adam Cazzolla of Sonatype Security research.
 2018-04-15 22:20:15 -04:00
Tony Brix
4e52c427c6 Merge branch 'master' into pr/1135 2018-04-10 10:10:29 -05:00
Tony Brix
17b231d484 return defaults 2018-04-10 08:28:40 -05:00
Tony Brix
b858452c9c use getDefaults 2018-04-10 07:53:59 -05:00
Tony Brix
ae8f612de5 add marked.origDefaults 2018-04-09 23:19:04 -05:00
Federico Soave
bc7c9dbfb3 do not allow newlines inside html attributes, make cm test 60 pass 2018-04-10 01:16:14 +02:00
Federico Soave
b738cd649c Merge remote-tracking branch 'markedjs/master' into cm_links 2018-04-09 20:43:54 +02:00
Tony Brix
81e01d4faf add more edge cases 2018-04-05 09:34:03 -05:00
Tony Brix
60c2dc4f2c fix inline.em 2018-04-05 09:34:02 -05:00
Tony Brix
a19e2b631a
use default options in Renderer by default 2018-04-04 14:30:42 -05:00