1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-23 12:59:11 -05:00
forgejo/modules/markup/markdown
KN4CK3R a09b40de8d
Prevent double sanitize (#16386)
* Prevent double sanitize.
* Use SanitizeReaderToWriter.

At the moment `actualRender` uses `SanitizeReader` to sanitize the output. But `SanitizeReader` gets called in `markup.render` too so the output gets sanitized twice.

I moved the `SanitizeReader` call into `RenderRaw` because this method does not use `markup.render`. I would like to remove the `RenderRaw`/`RenderRawString` methods too because they are only called from tests, the fuzzer and the `/markup/raw` api endpoint. This endpoint is not in use so I think we could remove them. If we really in the future need a method to render markdown without PostProcessing we could achieve this with a more flexible `renderer.NeedPostProcess` method.
2021-11-19 18:46:47 +08:00
..
ast.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
goldmark.go Open markdown image links in new window (#17287) 2021-10-11 20:12:06 +08:00
markdown.go Prevent double sanitize (#16386) 2021-11-19 18:46:47 +08:00
markdown_test.go Open markdown image links in new window (#17287) 2021-10-11 20:12:06 +08:00
meta.go Fix markdown meta parsing (#12817) 2020-09-12 21:48:47 -04:00
meta_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
renderconfig.go Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047) 2020-04-24 14:22:36 +01:00
toc.go Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047) 2020-04-24 14:22:36 +01:00