diff options
Diffstat (limited to 'modules/markup')
| -rw-r--r-- | modules/markup/markdown/markdown.go | 26 | ||||
| -rw-r--r-- | modules/markup/sanitizer.go | 8 |
2 files changed, 30 insertions, 4 deletions
diff --git a/modules/markup/markdown/markdown.go b/modules/markup/markdown/markdown.go index 128268bc88..9197dd2fe1 100644 --- a/modules/markup/markdown/markdown.go +++ b/modules/markup/markdown/markdown.go @@ -15,7 +15,9 @@ import ( "code.gitea.io/gitea/modules/setting" giteautil "code.gitea.io/gitea/modules/util" + chromahtml "github.com/alecthomas/chroma/formatters/html" "github.com/yuin/goldmark" + "github.com/yuin/goldmark-highlighting" meta "github.com/yuin/goldmark-meta" "github.com/yuin/goldmark/extension" "github.com/yuin/goldmark/parser" @@ -49,6 +51,30 @@ func render(body []byte, urlPrefix string, metas map[string]string, wikiMarkdown extension.TaskList, extension.DefinitionList, common.FootnoteExtension, + highlighting.NewHighlighting( + highlighting.WithFormatOptions( + chromahtml.WithClasses(true), + chromahtml.PreventSurroundingPre(true), + ), + highlighting.WithWrapperRenderer(func(w util.BufWriter, c highlighting.CodeBlockContext, entering bool) { + language, _ := c.Language() + if language == nil { + language = []byte("text") + } + if entering { + // include language-x class as part of commonmark spec + _, err := w.WriteString("<pre><code class=\"chroma language-" + string(language) + "\">") + if err != nil { + return + } + } else { + _, err := w.WriteString("</code></pre>") + if err != nil { + return + } + } + }), + ), meta.Meta, ), goldmark.WithParserOptions( diff --git a/modules/markup/sanitizer.go b/modules/markup/sanitizer.go index 1041d56a32..e5f6e75084 100644 --- a/modules/markup/sanitizer.go +++ b/modules/markup/sanitizer.go @@ -37,8 +37,8 @@ func NewSanitizer() { // ReplaceSanitizer replaces the current sanitizer to account for changes in settings func ReplaceSanitizer() { sanitizer.policy = bluemonday.UGCPolicy() - // We only want to allow HighlightJS specific classes for code blocks - sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^language-[\w-]+$`)).OnElements("code") + // For Chroma markdown plugin + sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^(chroma )?language-[\w-]+$`)).OnElements("code") // Checkboxes sanitizer.policy.AllowAttrs("type").Matching(regexp.MustCompile(`^checkbox$`)).OnElements("input") @@ -65,8 +65,8 @@ func ReplaceSanitizer() { // Allow classes for emojis sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`emoji`)).OnElements("img") - // Allow icons, checkboxes and emojis on span - sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^((icon(\s+[\p{L}\p{N}_-]+)+)|(ui checkbox)|(ui checked checkbox)|(emoji))$`)).OnElements("span") + // Allow icons, checkboxes, emojis, and chroma syntax on span + sanitizer.policy.AllowAttrs("class").Matching(regexp.MustCompile(`^((icon(\s+[\p{L}\p{N}_-]+)+)|(ui checkbox)|(ui checked checkbox)|(emoji))$|^([a-z][a-z0-9]{0,2})$`)).OnElements("span") // Allow generally safe attributes generalSafeAttrs := []string{"abbr", "accept", "accept-charset", |