صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
mirrors
/
wekan
mirrorاز https://github.com/wekan/wekan.git
2
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
درخت: 843ff8eaaa
شاخه‌ها تگ‌ها
wekan
/
packages
/
markdown
/
src
/
template-integration.js

template-integration.js 2.2 KB
تاريخچه خام

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. import sanitizeXss from 'xss';
    2. 

  2. var Markdown = require('markdown-it')({
    3. 

  3.   html: true,
    4. 

  4.   linkify: true,
    5. 

  5.   typographer: true,
    6. 

  6.   breaks: true,
    7. 

  7. });
    8. 

  8. 

  9. 

  10. // Static URL Scheme Listing
    11. 

  11. var urlschemes = [
    12. 

  12.   "aodroplink",
    13. 

  13.   "thunderlink",
    14. 

  14.   "cbthunderlink",
    15. 

  15.   "onenote",
    16. 

  16.   "file",
    17. 

  17.   "abasurl",
    18. 

  18.   "conisio",
    19. 

  19.   "mailspring"
    20. 

  20. ];
    21. 

  21. 

  22. // Better would be a field in the admin backend to set this dynamically 
    23. 

  23. // instead of putting all known or wanted url schemes here hard into code
    24. 

  24. // but i was not able to access those settings
    25. 

  25. // var urlschemes = currentSetting.automaticLinkedUrlSchemes.split('\n');
    26. 

  26. 

  27. // put all url schemes into the linkify configuration to automatically make it clickable
    28. 

  28. for(var i=0; i<urlschemes.length;i++){
    29. 

  29.   //console.log("adding autolink for "+urlschemes[i]);
    30. 

  30.   Markdown.linkify.add(urlschemes[i]+":",'http:');
    31. 

  31. }
    32. 

  32. 

  33. // Additional  safeAttrValue function to allow for other specific protocols
    34. 

  34. // See https://github.com/leizongmin/js-xss/issues/52#issuecomment-241354114
    35. 

  35. function mySafeAttrValue(tag, name, value, cssFilter) {
    36. 

  36.   // only when the tag is 'a' and attribute is 'href'
    37. 

  37.   // then use your custom function
    38. 

  38.   if (tag === 'a' && name === 'href') {
    39. 

  39.     // only filter the value if starts with an registered url scheme
    40. 

  40.     urlscheme = value.split(/:/);
    41. 

  41.     //console.log("validating "+urlscheme[0]);
    42. 

  42.     if(urlschemes.includes(urlscheme[0])) return value;
    43. 

  43.     else {
    44. 

  44.       // use the default safeAttrValue function to process all non cbthunderlinks
    45. 

  45.       return sanitizeXss.safeAttrValue(tag, name, value, cssFilter);
    46. 

  46.     }
    47. 

  47.   } else {
    48. 

  48.     // use the default safeAttrValue function to process it
    49. 

  49.     return sanitizeXss.safeAttrValue(tag, name, value, cssFilter);
    50. 

  50.   }
    51. 

  51. };
    52. 

  52. 

  53. var emoji = require('markdown-it-emoji');
    54. 

  54. Markdown.use(emoji);
    55. 

  55. 

  56. if (Package.ui) {
    57. 

  57.   const Template = Package.templating.Template;
    58. 

  58.   const UI = Package.ui.UI;
    59. 

  59.   const HTML = Package.htmljs.HTML;
    60. 

  60.   const Blaze = Package.blaze.Blaze; // implied by `ui`
    61. 

  61. 

  62.   UI.registerHelper('markdown', new Template('markdown', function () {
    63. 

  63.     const self = this;
    64. 

  64.     let text = '';
    65. 

  65.     if (self.templateContentBlock) {
    66. 

  66.       text = Blaze._toText(self.templateContentBlock, HTML.TEXTMODE.STRING);
    67. 

  67.     }
    68. 

  68. 

  69.     return HTML.Raw(sanitizeXss(Markdown.render(text), { safeAttrValue: mySafeAttrValue }));
    70. 

  70.   }));
    71. 

  71. }
    72.