Commit Graph

448 Commits

Author SHA1 Message Date
Sam 0b3d51a8bc FEATURE: whitelist lang attribute 2018-08-02 16:53:08 +10:00
OsamaSayegh f13a7226db FIX: display tables in posts history diff (#6032) 2018-07-12 14:13:52 +10:00
Sam b54ba4c952 FIX: mentions broken after adding an <abbr> tag
A previous shortcut used was not allowing for <abbr and other tags starting with a

If <abbr> appeared anywhere in the text all mentions would fail to link
2018-07-05 09:27:11 +10:00
Joffrey JAFFEUX 03a7d532cf
DEV: introduces prettier for es6 files 2018-06-15 17:03:24 +02:00
Joffrey JAFFEUX dd76ba90b3
FIX: bbcode regex was greedy and preventing quotes 2018-05-23 11:55:02 +02:00
Joffrey JAFFEUX 691174fa8f
FEATURE: adds emoji search aliases 2018-05-01 15:43:49 +02:00
Sam a0cd54750c FIX: inline [code] not handled properly
The text

a
[code]test[/code]

Would eat up the `test` text cause translation from inline to block
for replace rule was not properly handled
2018-04-26 15:18:22 +10:00
Robin Ward 58c81db279 Apply a 'no-group' class to quotes for styling 2018-04-02 14:02:16 -04:00
Robin Ward 90d3544db8 UX: Add a class we can use to target quotes without groups 2018-04-02 14:02:16 -04:00
Robin Ward 31a0c4a9be FEATURE: Add `quote-modified` class if a quote has been modified 2018-03-13 13:41:06 -04:00
Arpit Jalan 322618fc34 FIX: capital bbcode tags were broken 2018-03-04 22:10:54 +05:30
Sam d39d2b9352 FEATURE: whitelist data for themes 2018-03-02 14:52:09 +11:00
Neil Lalonde 3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Régis Hanol 60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
hnb-ku afdc559f4f FEATURE: Whitelist div[data-theme-*] (#5598)
* Whitelist div[data-theme-*]

Whitelisting data attributes on <div> elements that match [data-theme-*] allows theme authors to target elements in posts and not have those attributes sanitized. 

https://meta.discourse.org/t/79520/16

* Update white-lister.js.es6
2018-02-15 04:32:41 -05:00
Sam f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Sam 60ee9a4ccf make tests a bit happier 2018-02-01 15:56:22 +11:00
Sam ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Maja Komel 330912e1e5 FIX: allowed href scheme link can start with a + (#5537)
* allowed href scheme link can start with a +

* allow tel:// links only to start with +

* add missing semicolon

* add test
2018-01-30 11:02:23 +11:00
Sam f946db4afe FIX: inline oneboxer min title length of 2
also: cache mini onebox misses as well to cut down traffic
2018-01-30 08:40:04 +11:00
Neil Lalonde dc97239040 FIX: censored regex words were replacing other text that shouldn't be censored 2018-01-24 12:33:47 -05:00
Sam 3492a91056 FEATURE: allow site operators to disable emoji shortcuts 2018-01-24 12:21:44 +11:00
Neil Lalonde edb3a7f646 FIX: support for watched_words_regular_expressions when censoring words 2018-01-10 14:11:23 -05:00
Neil Lalonde ad62f1099c FIX: censored words should support * as wildcard 2018-01-09 15:53:40 -05:00
Sam a9e2fc59c4 FIX: [constructor] bbcode would cause markdown crash 2017-12-27 16:11:30 +11:00
Joffrey JAFFEUX fd99e1ef56 FEATURE: site setting enable_mentions to turn on/off mentions 2017-12-07 16:27:58 -05:00
Guo Xiang Tan 4531563717 Hide new advanced editor and preview sync behind a hidden site settings. 2017-12-06 12:34:58 +08:00
Guo Xiang Tan 44333c5de3 REFACTORY: Dry up some composer syncing code. 2017-11-24 14:57:36 +08:00
Guo Xiang Tan 486016acea UX: Improve editor and preview scroll syncing. 2017-11-23 17:02:02 +08:00
Sam d43a54e83a FIX: use current_user.id in onebox instead of param 2017-11-23 15:32:19 +11:00
Robin Ward f8164956dd Add quote and mention support for username formatters 2017-11-20 16:28:03 -05:00
Sam 38c103c75e correct spec 2017-11-13 18:09:24 +11:00
Sam 8a66446849 FEATURE: add overflow-y auto to Markdown tables 2017-11-13 17:52:15 +11:00
Sam 232311aa8c FIX: missing short image resolution on queued posts 2017-11-13 12:08:11 +11:00
Sam 3ac7d041ae UX: generic onebox treats all square images as avatars and renders them smaller 2017-11-13 11:21:19 +11:00
ckeboss 93633865d9 Adds primary user group as a class to quote (#5285)
* Adds primary user group as a class to quote

This feature addition will add the class `group-PRIMARY_USER_GROUP` to
the quote `aside`. `PRIMARY_USER_GROUP` will be the primary user group
of the user being quoted. This is similar to the class that is added to
a `topic-post`.

* Remove trailing whitespace

* Fix avatar in test

* Address PR comments

* Fix trailing whitespace
2017-11-03 09:51:40 -04:00
Robin Ward a0dd75ba88 FEATURE: New API to create a custom formatter for displaying usernames
This is not exhaustive right now, but a good start and we can add to
it over time.
2017-10-30 13:27:08 -04:00
Robin Ward fb2e581b26 FIX: Headings must begin with `heading--` to avoid some griefing 2017-10-16 11:53:47 -04:00
Sam 229a10e142 Missed a whitelist, compensate for strict classes 2017-10-16 10:46:01 +11:00
Sam 9cb088e3f6 FIX: restrict classes allowed for img tag in Markdown 2017-10-16 09:34:30 +11:00
Robin Ward 1af4acbb3d Add tests to flagged topics 2017-09-25 12:25:14 -04:00
Guo Yunhe 7d29ccf207 bbcode find close tag loop end condition
Only break loop when close tag has been found. Otherwise, keep searching until the end of string.
2017-09-06 09:13:57 +03:00
Arpit Jalan ebbdd4fe0f FIX: error when rebaking posts 2017-09-02 22:22:29 +05:30
Sam Saffron 46ebd0ee40 correct spec and allow for zero allowed iframes 2017-09-01 12:08:55 -04:00
Sam Saffron e283e6aea0 FEATURE: allowed_iframes site setting for allowing iframes
This allows you to whitelist custom iframes if needed in posts
2017-09-01 10:15:44 -04:00
Sam d7a2584c6e FEATURE: image uploads now have short urls
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Sam bcf7dc38c2 FEATURE: server side support for upload:// markdown
This allows uploads to be specified using short sha1 hash instead of full
URL

Client side change is pending
2017-08-22 11:46:23 -04:00
Sam 5942ad83c0 Skip inline onebox for domain only 2017-08-02 17:27:58 -04:00
Sam a4e1920604 FIX: inline oneboxer not applying to lists 2017-08-02 16:10:08 -04:00
Sam 4f574e7c93 FEATURE: support inline bbcode blocks eg: [quote]test[/quote] 2017-07-27 17:55:17 -04:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
David Taylor 27539e15e1 Allow whitespace around % scaler in markdown image syntax (#5000) 2017-07-26 10:54:20 -04:00
Sam 4da98cdcfe FIX: allow bbcode to be unquoted for default 2017-07-24 18:36:17 -04:00
Sam 40abcfc2f5 FIX: smart quote edge case with quotes 2017-07-24 12:21:49 -04:00
Sam 9b4f5710e6 api cleanup for before / after rules 2017-07-21 16:12:11 -04:00
Sam e1ce47a901 Pass the full CommonMark spec 2017-07-21 13:20:52 -04:00
Robin Ward aa5b8a5749 REFACTOR: Merge onebox and inline onebox code paths 2017-07-21 13:12:30 -04:00
Robin Ward 657e592a39 FIX: Oneboxes were not being previewed 2017-07-20 17:12:54 -04:00
Robin Ward 3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Sam 44fb2a2833 DEV: support multiple capture groups for text post process 2017-07-20 15:33:44 -04:00
Sam 1096dcd602 correct bbcode parsing edge case 2017-07-20 13:02:40 -04:00
Sam 911ffbb98c Correct mention edge cases
@sam. was not correctly detected as a mention
2017-07-20 11:52:38 -04:00
Joffrey JAFFEUX 6de258d4cf FEATURE: Introduces new emoji-picker 2017-07-19 16:48:23 +02:00
Sam c7b0764089 correct more edge cases with new engine 2017-07-17 17:44:48 -04:00
Sam 8921058c67 FIX: medium URL with @ incorrectly handled as mention
Also:

- remove unused code
- rename bbcode_ruler to bbcode.ruler
- add md.core.textPostProcess.ruler to apply at end of chain (excluding links)
2017-07-17 17:44:48 -04:00
Sam Saffron d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Sam 79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam bcbb9f208d Revert "Integrate new engine, correct old specs"
This reverts commit f1b38ba4fb.
2017-07-12 18:10:07 -04:00
Sam d609f8a53c Revert "correct more specs"
This reverts commit 40bcc6bbdc.
2017-07-12 18:10:05 -04:00
Sam 40bcc6bbdc correct more specs 2017-07-12 17:44:40 -04:00
Sam f1b38ba4fb Integrate new engine, correct old specs
corrects edge cases with

- full quotes
- [url] with nested tags
- engine overrides
- onebox applying to non http srcs
2017-07-12 17:44:40 -04:00
Sam Saffron ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Sam 98e03b04b5 Don't depend on imports for md extensions 2017-07-11 16:48:25 -04:00
Sam 5d139e461c FIX: multi option poll not working (new engine) 2017-07-11 14:43:34 -04:00
Sam 3f950a756a FEATURE: support image dimensions via Markdown image 2017-07-11 12:13:03 -04:00
Sam ba9898c5a9 FIX: smarter newline handling for <img> tags on line alone
Run all of pretty text spec on new engine
2017-07-10 12:22:15 -04:00
Sam 9fb180f839 we don't want that console.log 2017-07-07 16:38:52 -04:00
Sam 6f09df0deb FIX: don't create tags autolinks inside links (new engine) 2017-07-07 13:04:25 -04:00
Sam 436b894f7a FIX: mention not working after a newline (new engine) 2017-07-07 11:06:50 -04:00
Robin Ward 754c1e5438 Upgrade to Babel 6 2017-07-05 15:25:23 -04:00
Sam d2ba543ed3 correct case where %20 decoded as space in auto link
correct case where onebox is not applied when url is decoded
2017-07-03 16:32:53 -04:00
Sam 0650c8dbab optimize rule lookup
we have tons of bbcode rules, might as well speed them up
2017-06-30 15:19:16 -04:00
Sam a55e679563 support wrap function in bbcode rules 2017-06-30 12:21:01 -04:00
Sam ca40c1725c add support for a wrap function in bbcode replace 2017-06-29 16:43:57 -04:00
Sam d941ed90d6 support for bbcode [code] blocks 2017-06-29 16:04:10 -04:00
Sam de50d8cd35 Support for [email] [url] [img] bbcodes 2017-06-29 14:00:09 -04:00
Sam c6b83f4714 Correct logic so hashtags are properly ignored in links 2017-06-29 12:48:20 -04:00
Sam 0e391a72a1 use custom whitelister for tables 2017-06-28 16:08:29 -04:00
Sam 6200d7d6ab correct bug where only a single poll per topic worked 2017-06-28 15:36:19 -04:00
Sam cfbda863e8 implement unicode emoji replacements 2017-06-28 13:47:30 -04:00
Sam 4c5109ff5b FEATURE: site setting for Markdown typographer
It ships anyway with markdown.it so we might as well expose it
2017-06-27 16:50:13 -04:00
Sam 0d62420cbe Space prior to onebox stops onebox resolution 2017-06-27 16:16:17 -04:00
Sam 232de90607 explicit autolink should not be oneboxed 2017-06-27 15:34:16 -04:00
Sam 0e0092d738 corrected a parsing edge cases for bbcode blocks 2017-06-27 10:07:06 -04:00
Sam 21f7ac1f25 correct spec, require closing tag for bbcode blocks 2017-06-26 16:51:55 -04:00
Sam 8967d50dc2 Clean up sanitization code
- remove html table test, this is soon to be deprecated
- move sanitization tests into pretty text.rb
- fix up whitelister so it makes a copy of options
2017-06-26 15:21:47 -04:00
Sam e9f55adb3a FEATURE: add table support 2017-06-26 13:25:05 -04:00
Sam df5ee0cfc1 correct onebox rendering so it fills in cached
the onebox plugin needs to pull in the actual cached onebox
and bypass the whitelister for onebox content
2017-06-26 13:09:58 -04:00
Sam 81eb3218b2 FEATURE: used strict sanitizer by default
This amends it so sanitize always uses the most strict sanitizer
by default, if it needs to be "widened" to use more options then
you need to pass it more options.
2017-06-26 11:27:30 -04:00
Sam da5ccd2000 correctly hunt for console.log 2017-06-23 15:24:20 -04:00
Sam 814c8804d4 correct text highlighting for no highlight 2017-06-23 14:35:46 -04:00
Sam 05e5a740a6 FEATURE: consistent bbcode inline and block rulers 2017-06-23 12:01:33 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Joffrey JAFFEUX 353d059133 Explains sort/reverse of emoji replacements 2017-06-14 17:54:52 +02:00
Joffrey JAFFEUX 95e1843d33 Improves native emoji conversion 2017-06-14 17:42:52 +02:00
Sam 826f332766 Merge pull request #4901 from jjaffeux/emoji-5.0
Emoji next
2017-06-13 11:12:41 -04:00
Robin Ward bd70656b90 FIX: Oneboxing root domains could stop previewing 2017-06-12 12:13:29 -04:00
Joffrey JAFFEUX ba07ae67fb prefer const over let 2017-06-05 14:35:27 +02:00
Joffrey JAFFEUX f8e5cbd81a prefer const when not reasigned 2017-06-05 14:33:52 +02:00
Joffrey JAFFEUX 64336a8c75 Emoji 5.0 support 2017-06-05 14:06:23 +02:00
Robin Ward 0829671963 FIX: Nested quotes weren't rendered properly with BBCode 2017-04-03 14:38:30 -04:00
Robin Ward 45a257815a Convert front end paths from `/users/` to `/u/` 2017-03-30 10:23:24 -04:00
Régis Hanol 67eb754c3c remove duplicate emoji translation 2017-03-22 12:07:17 +01:00
Régis Hanol ccd4832726 Add 'slight_smile' emoji translations 2017-03-22 10:17:10 +01:00
Guo Xiang Tan 0f2de4863b Make Eslint happy. 2017-01-31 10:45:04 +08:00
Guo Xiang Tan 058df4329d FIX: Escape escape regexp characters. 2017-01-31 10:39:45 +08:00
Guo Xiang Tan 1758af9a1d FIX: Perform emoji unescape for topic titles in quotes. 2017-01-11 17:23:13 +08:00
Guo Xiang Tan 1cf0401e26 Allow option to not include title on emoji images. 2017-01-03 11:07:55 +08:00
Régis Hanol bf9e59eda9 FIX: add option for the oneboxer to be synchronous 2016-12-20 11:18:03 +01:00
Guo Xiang Tan 375f3feeb8 FIX: Topic featured links not getting oneboxed immediately. 2016-12-20 10:27:12 +08:00
Régis Hanol 52cd9972bb FIX: prevent DDoS with lots of _oneboxable_ links
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Régis Hanol af387edeb0 FIX: quote button issues
- disappear when moving to another topic
- disappears when clicking outside of the selection
- works even when selecting the last paragraph of a post
- works on all latest mobile OS
2016-11-24 18:23:33 +01:00
Régis Hanol 2710525d01 FIX: custom emojis leaking over multisite - take 2 2016-11-17 23:28:27 +01:00
Régis Hanol a0f1090d79 FIX: custom emojis leaking over multisites 2016-11-17 19:35:39 +01:00
Neil Lalonde f10520a5f2 fix broken js lint 2016-11-08 17:59:51 -05:00
Neil Lalonde 86522a52b7 FEATURE: add censored_pattern setting to censor posts using regex 2016-11-08 16:39:26 -05:00
Régis Hanol 78cd42943f FEATURE: add 'emoji-custom' class to custom emojis 2016-11-08 16:36:09 +01:00
David McClure 9bbab6e64e FIX: Auto-link URLs that are inside parentheses 2016-10-29 18:57:25 -07:00
Régis Hanol 3841cd9a7f FEATURE: onebox everything by default
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Neil Lalonde 761cc688b4 FEATURE: add a setting to allow url schemes other than http(s) 2016-10-21 12:21:31 -04:00
Robin Ward 4d8584f427 FIX: Support `div dir=` in sanitizer 2016-08-15 11:19:10 -04:00
Robin Ward 9cb8d5d19e FIX: Whitelist the `big` tag 2016-07-29 16:11:18 -04:00
Robin Ward fbfd3124a0 Whitelist some more tags and add extra tests 2016-07-26 11:02:09 -04:00
Sam 521d3d11f2 allow some more tags through 2016-07-26 09:43:30 +10:00
Jeff Atwood 41dda1882e let's expire all emoji 2016-07-25 15:38:13 -07:00
Robin Ward b9177af1eb FIX: Protocol-less links that begin with `a` shouldn't error 2016-07-20 13:44:12 -04:00
Robin Ward 16383a1749 FIX: Also support just `open` 2016-07-20 13:30:36 -04:00
Robin Ward 7dd4470075 FIX: Allow `div align` 2016-07-20 12:39:12 -04:00
Robin Ward ad7e2f15c7 Support linking to anchored headings in the first post 2016-07-19 17:05:45 -04:00
Robin Ward 8141e1d9bc FIX: details fixes with extra formatting 2016-07-19 15:14:55 -04:00
Robin Ward 00e45c0d3c FIX: Safari strict mode errors 2016-07-13 15:36:34 -04:00
Guo Xiang Tan c3cab98998 FEATURE: Admins should be able to create polls even when plugin is disabled. 2016-07-13 18:05:19 +08:00
Robin Ward 4d65370797 FIX: `<strike>` was no longer whitelisted 2016-07-11 12:57:05 -04:00
Régis Hanol a2b9b01d0f FIX: details plugin wasn't working properly 2016-07-11 12:57:05 -04:00
Robin Ward a291944835 FIX: Add `kbd` support to the sanitizer 2016-07-11 12:57:05 -04:00
Robin Ward bba0fd0654 REFACTOR: PreloadStore to ES6 2016-07-11 12:57:05 -04:00
Robin Ward b8125b3512 REFACTOR: Remove `Discourse.Ajax` 2016-07-11 12:57:05 -04:00
Robin Ward a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00