Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
CentralNic
parsedown
Commits
0e920268
Commit
0e920268
authored
Nov 05, 2013
by
Emanuil Rusev
Browse files
escaping of "<" breaks span-level html
parent
7249d02c
Changes
5
Hide whitespace changes
Inline
Side-by-side
Parsedown.php
View file @
0e920268
...
...
@@ -564,7 +564,9 @@ class Parsedown
{
foreach
(
$matches
as
$matches
)
{
$url
=
$this
->
escape_special_characters
(
$matches
[
4
]);
$url
=
$matches
[
4
];
strpos
(
$url
,
'&'
)
!==
FALSE
and
$url
=
preg_replace
(
'/&(?!#?\w+;)/'
,
'&'
,
$url
);
if
(
$matches
[
1
])
# image
{
...
...
@@ -604,7 +606,8 @@ class Parsedown
if
(
isset
(
$this
->
reference_map
[
$link_definition
]))
{
$url
=
$this
->
reference_map
[
$link_definition
];
$url
=
$this
->
escape_special_characters
(
$url
);
strpos
(
$url
,
'&'
)
!==
FALSE
and
$url
=
preg_replace
(
'/&(?!#?\w+;)/'
,
'&'
,
$url
);
if
(
$matches
[
1
])
# image
{
...
...
@@ -636,7 +639,9 @@ class Parsedown
{
foreach
(
$matches
as
$matches
)
{
$url
=
$this
->
escape_special_characters
(
$matches
[
1
]);
$url
=
$matches
[
1
];
strpos
(
$url
,
'&'
)
!==
FALSE
and
$url
=
preg_replace
(
'/&(?!#?\w+;)/'
,
'&'
,
$url
);
$element
=
'<a href=":href">:text</a>'
;
$element
=
str_replace
(
':text'
,
$url
,
$element
);
...
...
@@ -656,8 +661,9 @@ class Parsedown
# ~
$text
=
$this
->
escape_special_characters
(
$text
);
strpos
(
$text
,
'&'
)
!==
FALSE
and
$text
=
preg_replace
(
'/&(?!#?\w+;)/'
,
'&'
,
$text
);
strpos
(
$text
,
'<'
)
!==
FALSE
and
$text
=
preg_replace
(
'/<(?!\/?\w.*?>)/'
,
'<'
,
$text
);
# ~
if
(
strpos
(
$text
,
'_'
)
!==
FALSE
)
...
...
@@ -676,13 +682,4 @@ class Parsedown
return
$text
;
}
private
function
escape_special_characters
(
$text
)
{
strpos
(
$text
,
'&'
)
!==
FALSE
and
$text
=
preg_replace
(
'/&(?!#?\w+;)/'
,
'&'
,
$text
);
$text
=
str_replace
(
'<'
,
'<'
,
$text
);
return
$text
;
}
}
\ No newline at end of file
tests/data/span_level_html.html
0 → 100644
View file @
0e920268
<p>
Here's an
<b>
important
</b>
<a
href=
''
>
link
</a>
.
</p>
\ No newline at end of file
tests/data/span_level_html.md
0 → 100644
View file @
0e920268
Here's an
<b>
important
</b>
<a
href=
''
>
link
</a>
.
\ No newline at end of file
tests/data/special_characters.html
View file @
0e920268
...
...
@@ -4,5 +4,6 @@
<p>
4
<
5 and 6 > 5.
</p>
<p>
Here's a
<a
href=
"http://example.com/?foo=1&bar=2"
>
link
</a>
with an ampersand in the URL.
</p>
<p>
Here's an inline
<a
href=
"/script?foo=1&bar=2"
>
link
</a>
.
</p>
<p><a
href=
"http://example.com/autolink?a=1&b=2"
>
http://example.com/autolink?a=1
&
b=2
</a></p>
<hr
/>
<p>
Based on
<a
href=
"http://daringfireball.net/projects/downloads/MarkdownTest_1.0.zip"
>
the original
</a>
test suite.
</p>
\ No newline at end of file
tests/data/special_characters.md
View file @
0e920268
AT&T has an ampersand in their name.
AT
&
amp;
T is another way to write it.
AT&T is another way to write it.
This & that.
...
...
@@ -12,6 +12,8 @@ Here's an inline [link](/script?foo=1&bar=2).
[
1
]:
http://example.com/?foo=1&bar=2
<http://example.com/autolink?a=1&b=2>
---
Based on
[
the original
](
http://daringfireball.net/projects/downloads/MarkdownTest_1.0.zip
)
test suite.
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
