| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1325 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
(except for two warnings about unneeded functions, which might
come in handy some day...)
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1291 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
(rather than the other way around). Added "html", "head", and
"body" to list of block tags. Resolves Issue #66, allowing
<lj> to count as an inline tag.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1276 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
and images, and in HTML href and src attributes. If the URI scheme
is not on a whitelist of safe schemes, it is rejected. The main point
is to prevent cross-site scripting attacks using 'javascript:' URIs.
See http://www.mail-archive.com/markdown-discuss@six.pairlist.net/msg01186.html
and http://ha.ckers.org/xss.html. Resolves Issue #62.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1262 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1209 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1199 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1189 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1181 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
selected.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1178 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
When this option is specified (--sanitize-html on the command line),
unsafe HTML tags will be replaced by HTML comments, and unsafe HTML
attributes will be removed. This option should be especially useful
for those who want to use pandoc libraries in web applications, where
users will provide the input.
+ Main.hs: Added --sanitize-html option.
+ Text.Pandoc.Shared: Added stateSanitizeHTML to ParserState.
+ Text.Pandoc.Readers.HTML:
- Added whitelists of sanitaryTags and sanitaryAttributes.
- Added parsers to check these lists (and state) to see if a given
tag or attribute should be counted unsafe.
- Modified anyHtmlTag and anyHtmlEndTag to replace unsafe tags
with comments.
- Modified htmlAttribute to remove unsafe attributes.
- Modified htmlScript and htmlStyle to remove these elements if
unsafe.
- Modified rawHtmlBlock to use anyHtmlBlockTag instead of anyHtmlTag
and anyHtmlEndTag. This fixes a bug in markdown parsing, where
inline tags would be included in raw HTML blocks.
- Modified anyHtmlBlockTag to test for (not inline) rather than
directly for block. This allows us to handle e.g. docbook in
the markdown reader.
- Minor tweaks in nonTitleNonHead and parseTitle.
+ Text.Pandoc.Readers.Markdown:
- In non-strict mode use rawHtmlBlocks instead of htmlBlock.
Simplified htmlBlock, since we know it's only called in strict
mode.
+ Modified README and man pages to document new option.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1166 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
could cause it to be parsed as a paragraph. (The problem is that
the HTML parser used to eat all blank space after an HTML block,
including the indentation of the code block.) Resolves Issue #39.
+ In Text.Pandoc.Readers.HTML, removed parsing of following space
from rawHtmlBlock.
+ In Text.Pandoc.Readers.Markdown, modified rawHtmlBlocks so that
indentation is eaten *only* on the first line after the HTML
block. This means that in
<div>
foo
<div>
the foo won't be treated as a code block, but in
<div>
foo
</div>
it will. This seems the right approach for least suprise.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1164 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
Contents of script tags were still being treated as markdown when
the script tags were parsed as inline. Fixed by moving "script"
from the list of tags that can be either block or inline to the
list of block tags.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1163 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
Resolves Issue #40.
+ Added htmlStyle, analagous to htmlScript.
+ Use htmlStyle in htmlBlockElement and rawHtmlInline.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1162 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1161 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1153 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
This allows these tags to be handled correctly in Markdown.
HTML reader now uses rawHtmlBlock', which excludes </html> and </body>,
since these are handled in parseHtml. (Resolves Issue #38.)
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1152 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1104 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
moving the contents of src/ to the top level, and should have
been deleted long ago.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1097 788f1e2b-df1e-0410-8736-df70ead52e1b
|
|
+ Added library Text.Pandoc.Include, with a template haskell
function $(includeStrFrom fname) to include a file as a string
constant at compile time.
+ This removes the need for the 'templates' directory or Makefile
target. These have been removed.
+ The base source directory has been changed from src to .
+ A new 'data' directory has been added, containing the ASCIIMathML.js
script, writer headers, and S5 files.
+ The src/wrappers directory has been moved to 'wrappers'.
+ The Text.Pandoc.ASCIIMathML library is no longer needed, since
Text.Pandoc.Writers.HTML can use includeStrFrom to include the
ASCIIMathML.js code directly. It has been removed.
git-svn-id: https://pandoc.googlecode.com/svn/trunk@1063 788f1e2b-df1e-0410-8736-df70ead52e1b
|
