summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--modules/base/markdown.go12
-rw-r--r--modules/base/tool.go1
-rw-r--r--modules/setting/setting.go1
-rw-r--r--modules/template/template.go2
4 files changed, 6 insertions, 10 deletions
diff --git a/modules/base/markdown.go b/modules/base/markdown.go
index 0ef379b8ed..62db945a53 100644
--- a/modules/base/markdown.go
+++ b/modules/base/markdown.go
@@ -29,16 +29,10 @@ func isalnum(c byte) bool {
return (c >= '0' && c <= '9') || isletter(c)
}
-var validLinks = [][]byte{[]byte("http://"), []byte("https://"), []byte("ftp://"), []byte("mailto://")}
+var validLinksPattern = regexp.MustCompile(`^[a-z][\w-]+://`)
func isLink(link []byte) bool {
- for _, prefix := range validLinks {
- if len(link) > len(prefix) && bytes.Equal(bytes.ToLower(link[:len(prefix)]), prefix) && isalnum(link[len(prefix)]) {
- return true
- }
- }
-
- return false
+ return validLinksPattern.Match(link)
}
func IsMarkdownFile(name string) bool {
@@ -346,7 +340,7 @@ OUTER_LOOP:
func RenderMarkdown(rawBytes []byte, urlPrefix string, metas map[string]string) []byte {
result := RenderRawMarkdown(rawBytes, urlPrefix)
result = PostProcessMarkdown(result, urlPrefix, metas)
- result = Sanitizer.SanitizeBytes(result)
+ result = BuildSanitizer().SanitizeBytes(result)
return result
}
diff --git a/modules/base/tool.go b/modules/base/tool.go
index f98ae28b93..5280fef203 100644
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@@ -37,6 +37,7 @@ func BuildSanitizer() (p *bluemonday.Policy) {
p.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input")
p.AllowAttrs("checked", "disabled").OnElements("input")
+ p.AllowURLSchemes(setting.Markdown.CustomURLSchemes...)
return p
}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index fcb234add6..1ef20fd3c2 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -117,6 +117,7 @@ var (
// Markdown sttings
Markdown struct {
EnableHardLineBreak bool
+ CustomURLSchemes []string `ini:"CUSTOM_URL_SCHEMES"`
}
// Picture settings
diff --git a/modules/template/template.go b/modules/template/template.go
index 6099fcc987..d95035c352 100644
--- a/modules/template/template.go
+++ b/modules/template/template.go
@@ -105,7 +105,7 @@ func Safe(raw string) template.HTML {
}
func Str2html(raw string) template.HTML {
- return template.HTML(base.Sanitizer.Sanitize(raw))
+ return template.HTML(base.BuildSanitizer().Sanitize(raw))
}
func Range(l int) []int {