Merge remote-tracking branch 'upstream/pull/2111'

Tom Hughes 2019-01-16 10:15:34 +00:00
commit 6fb660f0af
7 changed files with 23 additions and 33 deletions


@ -77,7 +77,7 @@ gem "omniauth-openid"
gem "omniauth-windowslive" gem "omniauth-windowslive"
# Markdown formatting support # Markdown formatting support
gem "redcarpet" gem "kramdown"
# For status transitions of Issues # For status transitions of Issues
gem "aasm" gem "aasm"


@ -161,6 +161,7 @@ GEM
jsonify (< 0.4.0) jsonify (< 0.4.0)
jwt (2.1.0) jwt (2.1.0)
kgio (2.11.2) kgio (2.11.2)
kramdown (1.17.0)
libv8 (3.16.14.19) libv8 (3.16.14.19)
libxml-ruby (3.1.0) libxml-ruby (3.1.0)
listen (3.1.5) listen (3.1.5)
@ -303,7 +304,6 @@ GEM
ffi (~> 1.0) ffi (~> 1.0)
record_tag_helper (1.0.0) record_tag_helper (1.0.0)
actionview (~> 5.x) actionview (~> 5.x)
redcarpet (3.4.0)
ref (2.0.0) ref (2.0.0)
request_store (1.4.1) request_store (1.4.1)
rack (>= 1.4) rack (>= 1.4)
@ -412,6 +412,7 @@ DEPENDENCIES
json json
jsonify-rails jsonify-rails
kgio kgio
kramdown
libxml-ruby (>= 2.0.5) libxml-ruby (>= 2.0.5)
listen listen
logstasher logstasher
@ -438,7 +439,6 @@ DEPENDENCIES
rails-controller-testing rails-controller-testing
rails-i18n (~> 4.0.0) rails-i18n (~> 4.0.0)
record_tag_helper record_tag_helper
redcarpet
rinku (>= 1.2.2) rinku (>= 1.2.2)
rotp rotp
rubocop rubocop


@ -2342,11 +2342,11 @@ a.button {
margin-left: $lineheight; margin-left: $lineheight;
} }
ul li { ul > li {
list-style: disc; list-style: disc;
} }
ol li { ol > li {
list-style: decimal; list-style: decimal;
} }
} }


@ -1,5 +1,5 @@
Sanitize::Config::OSM = Sanitize::Config::RELAXED.dup Sanitize::Config::OSM = Sanitize::Config::RELAXED.dup
Sanitize::Config::OSM[:elements] -= %w[div style] Sanitize::Config::OSM[:elements] -= %w[div style]
Sanitize::Config::OSM[:add_attributes] = { "a" => { "rel" => "nofollow" } } Sanitize::Config::OSM[:add_attributes] = { "a" => { "rel" => "nofollow noopener noreferer" } }
Sanitize::Config::OSM[:remove_contents] = %w[script style] Sanitize::Config::OSM[:remove_contents] = %w[script style]
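Review bot: The link type added to `rel` on the `add_attributes` line is spelled `noreferer`, but the HTML link type is `noreferrer` (double r), so browsers ignore the unknown token and still send the Referer header to the linked site; only `nofollow` and `noopener` take effect. The line should read `Sanitize::Config::OSM[:add_attributes] = { "a" => { "rel" => "nofollow noopener noreferrer" } }`. The same misspelling is in both `Rinku.auto_link` calls of `linkify` in the RichText section and in every `assert_select "a[rel='nofollow noopener noreferer']", 1` expectation in RichTextTest, which currently pin the typo and need to change together with it.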


@ -1626,7 +1626,7 @@ en:
edit: Edit edit: Edit
preview: Preview preview: Preview
markdown_help: markdown_help:
title_html: Parsed with <a href="https://daringfireball.net/projects/markdown/">Markdown</a> title_html: Parsed with <a href="https://kramdown.gettalong.org/quickref.html">kramdown</a>
headings: Headings headings: Headings
heading: Heading heading: Heading
subheading: Subheading subheading: Subheading


@ -55,11 +55,15 @@ module RichText
SimpleFormat.new.simple_format(text) SimpleFormat.new.simple_format(text)
end end
def linkify(text) def sanitize(text)
Sanitize.clean(text, Sanitize::Config::OSM).html_safe
end
def linkify(text, mode = :urls)
if text.html_safe? if text.html_safe?
Rinku.auto_link(text, :urls, tag_builder.tag_options(:rel => "nofollow")).html_safe Rinku.auto_link(text, mode, tag_builder.tag_options(:rel => "nofollow noopener noreferer")).html_safe
else else
Rinku.auto_link(text, :urls, tag_builder.tag_options(:rel => "nofollow")) Rinku.auto_link(text, mode, tag_builder.tag_options(:rel => "nofollow noopener noreferer"))
end end
end end
end end
@ -72,30 +76,16 @@ module RichText
def to_text def to_text
to_s to_s
end end
private
def sanitize(text)
Sanitize.clean(text, Sanitize::Config::OSM).html_safe
end
end end
class Markdown < Base class Markdown < Base
def to_html def to_html
Markdown.html_parser.render(self).html_safe linkify(sanitize(Kramdown::Document.new(self).to_html), :all)
end end
def to_text def to_text
to_s to_s
end end
def self.html_renderer
@html_renderer ||= Redcarpet::Render::XHTML.new(:filter_html => true, :safe_links_only => true, :link_attributes => { :rel => "nofollow" })
end
def self.html_parser
@html_parser ||= Redcarpet::Markdown.new(html_renderer, :no_intra_emphasis => true, :autolink => true, :space_after_headers => true)
end
end end
class Text < Base class Text < Base
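Review bot: `Markdown#to_html` now relies on `sanitize` alone to strip raw HTML and disallowed link targets, because Redcarpet's `:filter_html` and `:safe_links_only` are removed and kramdown passes HTML embedded in the input through to its output by default; that dependency is undocumented. A comment on the method would make it explicit, for example `# kramdown passes raw HTML through; sanitize must remain the first step applied to its output`. The test assertions visible on this page cover only well-formed links, so unless one exists outside the lines shown, a regression test that a Markdown body containing a `<script>` element or a link scheme outside the sanitizer's allow-list renders without them would guard the ordering. Note also that `sanitize` returns an `html_safe` string, so `linkify` takes its first branch and whatever Rinku emits is marked `html_safe` without a further sanitizer pass. The `RichText` module continues outside these hunks.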


@ -8,14 +8,14 @@ class RichTextTest < ActiveSupport::TestCase
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='http://example.com/']", 1 assert_select "a[href='http://example.com/']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("html", "foo <a href='http://example.com/'>bar</a> baz") r = RichText.new("html", "foo <a href='http://example.com/'>bar</a> baz")
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='http://example.com/']", 1 assert_select "a[href='http://example.com/']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("html", "foo example@example.com bar") r = RichText.new("html", "foo example@example.com bar")
@ -27,7 +27,7 @@ class RichTextTest < ActiveSupport::TestCase
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='mailto:example@example.com']", 1 assert_select "a[href='mailto:example@example.com']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("html", "foo <div>bar</div> baz") r = RichText.new("html", "foo <div>bar</div> baz")
@ -64,28 +64,28 @@ class RichTextTest < ActiveSupport::TestCase
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='http://example.com/']", 1 assert_select "a[href='http://example.com/']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("markdown", "foo [bar](http://example.com/) baz") r = RichText.new("markdown", "foo [bar](http://example.com/) baz")
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='http://example.com/']", 1 assert_select "a[href='http://example.com/']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("markdown", "foo example@example.com bar") r = RichText.new("markdown", "foo example@example.com bar")
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='mailto:example@example.com']", 1 assert_select "a[href='mailto:example@example.com']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("markdown", "foo [bar](mailto:example@example.com) bar") r = RichText.new("markdown", "foo [bar](mailto:example@example.com) bar")
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='mailto:example@example.com']", 1 assert_select "a[href='mailto:example@example.com']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("markdown", "foo ![bar](http://example.com/example.png) bar") r = RichText.new("markdown", "foo ![bar](http://example.com/example.png) bar")
@ -162,7 +162,7 @@ class RichTextTest < ActiveSupport::TestCase
assert_html r do assert_html r do
assert_select "a", 1 assert_select "a", 1
assert_select "a[href='http://example.com/']", 1 assert_select "a[href='http://example.com/']", 1
assert_select "a[rel='nofollow']", 1 assert_select "a[rel='nofollow noopener noreferer']", 1
end end
r = RichText.new("text", "foo example@example.com bar") r = RichText.new("text", "foo example@example.com bar")