1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-30 14:09:42 -05:00
forgejo/modules/markup
Gusted 17e70e401c
[GITEA] Use restricted sanitizer for repository description
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit a8afa4cd18)
(cherry picked from commit 0238587c51)
(cherry picked from commit a8c7bbf728)
(cherry picked from commit 80e05a8245)
(cherry picked from commit f5af5050b3)
(cherry picked from commit 608f981e55)
(cherry picked from commit 6591867502)
(cherry picked from commit b7e6dedafd)
(cherry picked from commit 1cd196da49)
(cherry picked from commit 4c74fd4a04)
2023-11-13 14:06:30 +01:00
..
asciicast Support asciicast files as new markup (#22448) 2023-01-18 08:46:58 +08:00
common Make user-content-* consistent with github (#26388) 2023-08-09 09:30:31 +00:00
console Add context when rendering labels or emojis (#23281) 2023-03-05 22:59:05 +01:00
csv Add context when rendering labels or emojis (#23281) 2023-03-05 22:59:05 +01:00
external Log STDERR of external renderer when it fails (#22442) 2023-01-13 20:41:23 +00:00
markdown Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
mdstripper Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
orgmode fix media description render for orgmode (#26895) 2023-09-13 05:44:59 +00:00
camo.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
camo_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
html.go Render email addresses as such if followed by punctuation (#27987) (#27992) 2023-11-11 13:26:18 +08:00
html_internal_test.go Do not highlight #number in documents (#26365) 2023-08-07 15:11:25 +02:00
html_test.go Render email addresses as such if followed by punctuation (#27987) (#27992) 2023-11-11 13:26:18 +08:00
renderer.go Add RTL rendering support to Markdown (#24816) 2023-05-20 23:02:52 +02:00
renderer_test.go Move IsReadmeFile* from modules/markup/ to modules/util (#22877) 2023-02-13 15:01:09 -05:00
sanitizer.go [GITEA] Use restricted sanitizer for repository description 2023-11-13 14:06:30 +01:00
sanitizer_test.go [GITEA] Use restricted sanitizer for repository description 2023-11-13 14:06:30 +01:00