mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-03 14:38:55 -05:00
ff4662be92
- On a empty blockquote the callout feature would panic, as it expects
to always have at least one child.
- This panic cannot result in a DoS, because any panic that happens
while rendering any markdown input will be recovered gracefully.
- Adds a simple condition to avoid this panic.
(cherry picked from commit efd63ec1d8
)
71 lines
2.3 KiB
Go
71 lines
2.3 KiB
Go
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// Copyright 2024 The Forgejo Authors c/o Codeberg e.V.. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package callout
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"github.com/yuin/goldmark/ast"
|
|
"github.com/yuin/goldmark/parser"
|
|
"github.com/yuin/goldmark/text"
|
|
)
|
|
|
|
// Transformer for GitHub's legacy callout markup.
|
|
type GitHubLegacyCalloutTransformer struct{}
|
|
|
|
func (g *GitHubLegacyCalloutTransformer) Transform(node *ast.Document, reader text.Reader, pc parser.Context) {
|
|
supportedCalloutTypes := map[string]bool{"Note": true, "Warning": true}
|
|
|
|
_ = ast.Walk(node, func(n ast.Node, entering bool) (ast.WalkStatus, error) {
|
|
if !entering {
|
|
return ast.WalkContinue, nil
|
|
}
|
|
|
|
switch v := n.(type) {
|
|
case *ast.Blockquote:
|
|
if v.ChildCount() == 0 {
|
|
return ast.WalkContinue, nil
|
|
}
|
|
|
|
// The first paragraph contains the callout type.
|
|
firstParagraph := v.FirstChild()
|
|
if firstParagraph.ChildCount() < 1 {
|
|
return ast.WalkContinue, nil
|
|
}
|
|
|
|
// In the legacy GitHub callout markup, the first node of the first
|
|
// paragraph should be an emphasis.
|
|
calloutNode, ok := firstParagraph.FirstChild().(*ast.Emphasis)
|
|
if !ok {
|
|
return ast.WalkContinue, nil
|
|
}
|
|
calloutText := string(calloutNode.Text(reader.Source()))
|
|
calloutType := strings.ToLower(calloutText)
|
|
// We only support "Note" and "Warning" callouts in legacy mode,
|
|
// match only those.
|
|
if _, has := supportedCalloutTypes[calloutText]; !has {
|
|
return ast.WalkContinue, nil
|
|
}
|
|
|
|
// Set the attention attribute on the emphasis
|
|
calloutNode.SetAttributeString("class", []byte("attention-"+calloutType))
|
|
|
|
// color the blockquote
|
|
v.SetAttributeString("class", []byte("attention-header attention-"+calloutType))
|
|
|
|
// Create new parargaph.
|
|
attentionParagraph := ast.NewParagraph()
|
|
attentionParagraph.SetAttributeString("class", []byte("attention-title"))
|
|
|
|
// Move the callout node to the paragraph and insert the paragraph.
|
|
attentionParagraph.AppendChild(attentionParagraph, NewAttention(calloutType))
|
|
attentionParagraph.AppendChild(attentionParagraph, calloutNode)
|
|
firstParagraph.Parent().InsertBefore(firstParagraph.Parent(), firstParagraph, attentionParagraph)
|
|
firstParagraph.RemoveChild(firstParagraph, calloutNode)
|
|
}
|
|
|
|
return ast.WalkContinue, nil
|
|
})
|
|
}
|