
update HtmlPurifier and use Parsedown for Markdown parsing

Lukas Winkler 2017-09-18 19:14:54 +02:00
parent 836d666895
commit 00178788b2
4 changed files with 88 additions and 112 deletions


@ -5,9 +5,9 @@
"slim/views": "0.1.*",
"slim/extras": "2.*",
"knplabs/github-api": "1.2.*",
"michelf/php-markdown": "1.4.*",
"ezyang/htmlpurifier": "4.6.*",
"phpmailer/phpmailer": "5.2.*"
"ezyang/htmlpurifier": "^4.9",
"phpmailer/phpmailer": "5.2.*",
"erusev/parsedown": "^1.6"
},
"autoload":{
"psr-0":{
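Review bot: The `"phpmailer/phpmailer": "5.2.*"` constraint is kept as is, and the lock file regenerated alongside it still records that package at a release dated 2014-05-14 and now marks `guzzle/guzzle` as abandoned, so only the two Markdown-related packages actually moved. The `5.2.*` range already permits later 5.2 patch releases, so `composer update phpmailer/phpmailer` would likely pick up accumulated fixes without any edit to this file. The abandoned flag on guzzle presumably comes in through `knplabs/github-api`, which is pinned at `1.2.*` here and would need its own bump to clear it.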

172
src/composer.lock generated

@ -1,28 +1,73 @@
{
"_readme": [
"This file locks the dependencies of your project to a known state",
"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "fff90a71843c85bcd10e02d903b1b2ce",
"content-hash": "21b220a1e6a232da843e0113e868c25e",
"packages": [
{
"name": "ezyang/htmlpurifier",
"version": "v4.6.0",
"name": "erusev/parsedown",
"version": "1.6.3",
"source": {
"type": "git",
"url": "https://github.com/ezyang/htmlpurifier.git",
"reference": "6f389f0f25b90d0b495308efcfa073981177f0fd"
"url": "https://github.com/erusev/parsedown.git",
"reference": "728952b90a333b5c6f77f06ea9422b94b585878d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/6f389f0f25b90d0b495308efcfa073981177f0fd",
"reference": "6f389f0f25b90d0b495308efcfa073981177f0fd",
"url": "https://api.github.com/repos/erusev/parsedown/zipball/728952b90a333b5c6f77f06ea9422b94b585878d",
"reference": "728952b90a333b5c6f77f06ea9422b94b585878d",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"type": "library",
"autoload": {
"psr-0": {
"Parsedown": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Emanuil Rusev",
"email": "hello@erusev.com",
"homepage": "http://erusev.com"
}
],
"description": "Parser for Markdown.",
"homepage": "http://parsedown.org",
"keywords": [
"markdown",
"parser"
],
"time": "2017-05-14T14:47:48+00:00"
},
{
"name": "ezyang/htmlpurifier",
"version": "v4.9.3",
"source": {
"type": "git",
"url": "https://github.com/ezyang/htmlpurifier.git",
"reference": "95e1bae3182efc0f3422896a3236e991049dac69"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/95e1bae3182efc0f3422896a3236e991049dac69",
"reference": "95e1bae3182efc0f3422896a3236e991049dac69",
"shasum": ""
},
"require": {
"php": ">=5.2"
},
"require-dev": {
"simpletest/simpletest": "^1.1"
},
"type": "library",
"autoload": {
"psr-0": {
@ -40,8 +85,7 @@
{
"name": "Edward Z. Yang",
"email": "admin@htmlpurifier.org",
"homepage": "http://ezyang.com",
"role": "Developer"
"homepage": "http://ezyang.com"
}
],
"description": "Standards compliant HTML filter written in PHP",
@ -49,7 +93,7 @@
"keywords": [
"html"
],
"time": "2013-11-30 08:25:19"
"time": "2017-06-03T02:28:16+00:00"
},
{
"name": "guzzle/guzzle",
@ -141,7 +185,8 @@
"rest",
"web service"
],
"time": "2014-05-07 17:04:22"
"abandoned": "guzzlehttp/guzzle",
"time": "2014-05-07T17:04:22+00:00"
},
{
"name": "knplabs/github-api",
@ -202,58 +247,7 @@
"gist",
"github"
],
"time": "2014-07-31 23:03:14"
},
{
"name": "michelf/php-markdown",
"version": "1.4.1",
"source": {
"type": "git",
"url": "https://github.com/michelf/php-markdown.git",
"reference": "de9a19c7bf352d41cc99ed86c3c0ef17e87394b6"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/michelf/php-markdown/zipball/de9a19c7bf352d41cc99ed86c3c0ef17e87394b6",
"reference": "de9a19c7bf352d41cc99ed86c3c0ef17e87394b6",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-lib": "1.4.x-dev"
}
},
"autoload": {
"psr-0": {
"Michelf": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Michel Fortin",
"email": "michel.fortin@michelf.ca",
"homepage": "http://michelf.ca/",
"role": "Developer"
},
{
"name": "John Gruber",
"homepage": "http://daringfireball.net/"
}
],
"description": "PHP Markdown",
"homepage": "http://michelf.ca/projects/php-markdown/",
"keywords": [
"markdown"
],
"time": "2014-05-05 02:43:50"
"time": "2014-07-31T23:03:14+00:00"
},
{
"name": "phpmailer/phpmailer",
@ -306,7 +300,7 @@
}
],
"description": "PHPMailer is a full-featured email creation and transfer class for PHP",
"time": "2014-05-14 07:04:18"
"time": "2014-05-14T07:04:18+00:00"
},
{
"name": "slim/extras",
@ -357,19 +351,19 @@
"middleware",
"templating"
],
"time": "2013-01-07 17:56:10"
"time": "2013-01-07T17:56:10+00:00"
},
{
"name": "slim/slim",
"version": "2.4.3",
"source": {
"type": "git",
"url": "https://github.com/codeguy/Slim.git",
"url": "https://github.com/slimphp/Slim.git",
"reference": "4906b77a07c7bd6ff1a99aea903e940a2d4fa106"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/codeguy/Slim/zipball/4906b77a07c7bd6ff1a99aea903e940a2d4fa106",
"url": "https://api.github.com/repos/slimphp/Slim/zipball/4906b77a07c7bd6ff1a99aea903e940a2d4fa106",
"reference": "4906b77a07c7bd6ff1a99aea903e940a2d4fa106",
"shasum": ""
},
@ -403,7 +397,7 @@
"rest",
"router"
],
"time": "2014-04-05 18:33:59"
"time": "2014-04-05T18:33:59+00:00"
},
{
"name": "slim/views",
@ -411,12 +405,12 @@
"target-dir": "Slim/Views",
"source": {
"type": "git",
"url": "https://github.com/codeguy/Slim-Views.git",
"url": "https://github.com/slimphp/Slim-Views.git",
"reference": "f0a05ea0b654218e40de692ed7cddcad1cf4b828"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/codeguy/Slim-Views/zipball/f0a05ea0b654218e40de692ed7cddcad1cf4b828",
"url": "https://api.github.com/repos/slimphp/Slim-Views/zipball/f0a05ea0b654218e40de692ed7cddcad1cf4b828",
"reference": "f0a05ea0b654218e40de692ed7cddcad1cf4b828",
"shasum": ""
},
@ -457,7 +451,7 @@
"slimphp",
"templating"
],
"time": "2014-04-03 16:31:10"
"time": "2014-04-03T16:31:10+00:00"
},
{
"name": "symfony/event-dispatcher",
@ -465,12 +459,12 @@
"target-dir": "Symfony/Component/EventDispatcher",
"source": {
"type": "git",
"url": "https://github.com/symfony/EventDispatcher.git",
"url": "https://github.com/symfony/event-dispatcher.git",
"reference": "84533bf98da5486b9395a1d95e9184e04e14aad3"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/EventDispatcher/zipball/84533bf98da5486b9395a1d95e9184e04e14aad3",
"url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/84533bf98da5486b9395a1d95e9184e04e14aad3",
"reference": "84533bf98da5486b9395a1d95e9184e04e14aad3",
"shasum": ""
},
@ -516,19 +510,19 @@
],
"description": "Symfony EventDispatcher Component",
"homepage": "http://symfony.com",
"time": "2014-07-08 12:21:33"
"time": "2014-07-08T12:21:33+00:00"
},
{
"name": "twig/twig",
"version": "v1.15.1",
"source": {
"type": "git",
"url": "https://github.com/fabpot/Twig.git",
"url": "https://github.com/twigphp/Twig.git",
"reference": "1fb5784662f438d7d96a541e305e28b812e2eeed"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/fabpot/Twig/zipball/1fb5784662f438d7d96a541e305e28b812e2eeed",
"url": "https://api.github.com/repos/twigphp/Twig/zipball/1fb5784662f438d7d96a541e305e28b812e2eeed",
"reference": "1fb5784662f438d7d96a541e305e28b812e2eeed",
"shasum": ""
},
@ -573,23 +567,15 @@
"keywords": [
"templating"
],
"time": "2014-02-13 10:19:29"
"time": "2014-02-13T10:19:29+00:00"
}
],
"packages-dev": [
],
"aliases": [
],
"packages-dev": [],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": [
],
"platform": [
],
"platform-dev": [
]
"stability-flags": [],
"prefer-stable": false,
"prefer-lowest": false,
"platform": [],
"platform-dev": []
}


@ -8,16 +8,8 @@
namespace helpers;
use \Michelf\MarkdownExtra as MarkdownParser;
class Markdown extends MarkdownParser {
protected function doHeaders($text)
{
// Do not transform headers, for instance because of backtraces which contain #0 #1 ...
// They are also not rendered by GitHub issues.
return $text;
}
class Markdown extends \Parsedown {
/**
* Transform markdown to HTML. The HTML will be purified to prevent XSS.
@ -25,15 +17,13 @@ class Markdown extends MarkdownParser {
* @param string $markdown
* @return string
*/
public function transform($markdown)
{
$html = parent::transform($markdown);
public function text($markdown) {
$html = parent::text($markdown);
return $this->purifyHtml($html);
}
private function purifyHtml($html)
{
private function purifyHtml($html) {
$config = \HTMLPurifier_Config::createDefault();
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
$config->set('HTML.Allowed', 'p,strong,em,b,a[href],i,span,ul,ol,li,cite,code,pre');
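Review bot: Purification is enforced only in the overridden `text()`, while `class Markdown extends \Parsedown` also inherits the parser's other public entry points; as far as I know `line()` is public in Parsedown 1.6 and would return HTML that never passes through `purifyHtml()`. Holding the parser as a private member instead of extending it would leave `text()` as the only way to get HTML out of this helper. Separately, the removed `doHeaders()` override kept backtrace lines such as `#0 ...` from being treated as headers, and nothing replaces it here; since `HTML.Allowed` lists no heading tags, the purifier would presumably drop the tag and the leading `#` with it. If that behaviour is still wanted, an override along the lines of `protected function blockHeader($Line) { return null; }` is worth checking against the locked Parsedown version. `purifyHtml()` continues past the end of the hunk.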


@ -26,7 +26,7 @@ class Twig {
{
return new \Twig_SimpleFilter('markdown', function ($text) {
$parser = new Markdown();
return $parser->transform($text);
return $parser->text($text);
});
}