diff options
| author | Alexander Scheel <alexander.m.scheel@gmail.com> | 2019-12-07 14:49:04 -0500 |
|---|---|---|
| committer | techknowlogick <techknowlogick@gitea.io> | 2019-12-07 14:49:04 -0500 |
| commit | ee7df7ba8c5e6a4b32b0c4048d2b535d8df3cbe9 (patch) | |
| tree | 73229ccd7b291bc1c48fa2aed78cdf1dd7100b6f /routers/api/v1/swagger/issue.go | |
| parent | cecc31951c1b12864e13a2dd148a5e96c74d9a5c (diff) | |
| download | gitea-ee7df7ba8c5e6a4b32b0c4048d2b535d8df3cbe9.tar.gz gitea-ee7df7ba8c5e6a4b32b0c4048d2b535d8df3cbe9.zip | |
Markdown: Sanitizier Configuration (#9075)
* Support custom sanitization policy
Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).
This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.
Resolves: #9054
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
* Document new sanitization configuration
- Adds basic documentation to app.ini.sample,
- Adds an example to the Configuration Cheat Sheet, and
- Adds extended information to External Renderers section.
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
* Drop extraneous length check in newMarkupSanitizer(...)
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
* Fix plural ELEMENT and ALLOW_ATTR in docs
These were left over from their initial names. Make them singular to
conform with the current expectations.
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
Diffstat (limited to 'routers/api/v1/swagger/issue.go')
0 files changed, 0 insertions, 0 deletions