]> git.openstreetmap.org Git - rails.git/commitdiff
Merge remote-tracking branch 'upstream/pull/2115'
authorTom Hughes <tom@compton.nu>
Wed, 16 Jan 2019 10:20:29 +0000 (10:20 +0000)
committerTom Hughes <tom@compton.nu>
Wed, 16 Jan 2019 10:20:29 +0000 (10:20 +0000)
Gemfile
Gemfile.lock
app/assets/stylesheets/common.scss
config/initializers/sanitize.rb
config/locales/en.yml
lib/rich_text.rb
test/lib/rich_text_test.rb

diff --git a/Gemfile b/Gemfile
index f75921f123d5303424b92e0b35cddb99710200d1..3cf07504549ec3038bb67402b51de2db2904a387 100644 (file)
--- a/Gemfile
+++ b/Gemfile
@@ -77,7 +77,7 @@ gem "omniauth-openid"
 gem "omniauth-windowslive"
 
 # Markdown formatting support
-gem "redcarpet"
+gem "kramdown"
 
 # For status transitions of Issues
 gem "aasm"
index 2aba9c21bd4d92a685997c816d5bba3ff0537572..3b70d157a1218d4bbfa28706ed4bb398b37b13e2 100644 (file)
@@ -161,6 +161,7 @@ GEM
       jsonify (< 0.4.0)
     jwt (2.1.0)
     kgio (2.11.2)
+    kramdown (1.17.0)
     libv8 (3.16.14.19)
     libxml-ruby (3.1.0)
     listen (3.1.5)
@@ -303,7 +304,6 @@ GEM
       ffi (~> 1.0)
     record_tag_helper (1.0.0)
       actionview (~> 5.x)
-    redcarpet (3.4.0)
     ref (2.0.0)
     request_store (1.4.1)
       rack (>= 1.4)
@@ -412,6 +412,7 @@ DEPENDENCIES
   json
   jsonify-rails
   kgio
+  kramdown
   libxml-ruby (>= 2.0.5)
   listen
   logstasher
@@ -438,7 +439,6 @@ DEPENDENCIES
   rails-controller-testing
   rails-i18n (~> 4.0.0)
   record_tag_helper
-  redcarpet
   rinku (>= 1.2.2)
   rotp
   rubocop
index d36e77285252cdcf77e05ffc6c7ada777d244786..d725cc287557d365dd06ce09c39a369871e74a0f 100644 (file)
@@ -2342,11 +2342,11 @@ a.button {
     margin-left: $lineheight;
   }
 
-  ul li {
+  ul li {
     list-style: disc;
   }
 
-  ol li {
+  ol li {
     list-style: decimal;
   }
 }
index 240f1e315e404a24665f92d77c5e30e2b78bc195..c7b7b33266ab0024a5ab3c5a79bf9ff5b69e6c60 100644 (file)
@@ -1,5 +1,5 @@
 Sanitize::Config::OSM = Sanitize::Config::RELAXED.dup
 
 Sanitize::Config::OSM[:elements] -= %w[div style]
-Sanitize::Config::OSM[:add_attributes] = { "a" => { "rel" => "nofollow" } }
+Sanitize::Config::OSM[:add_attributes] = { "a" => { "rel" => "nofollow noopener noreferer" } }
 Sanitize::Config::OSM[:remove_contents] = %w[script style]
index e87e8f8ee2af63d75e94497759ec9054e9b4f11e..bbcba0f2cca71cd347e3018cdc296d5c8737080a 100644 (file)
@@ -1626,7 +1626,7 @@ en:
       edit: Edit
       preview: Preview
     markdown_help:
-      title_html: Parsed with <a href="https://daringfireball.net/projects/markdown/">Markdown</a>
+      title_html: Parsed with <a href="https://kramdown.gettalong.org/quickref.html">kramdown</a>
       headings: Headings
       heading: Heading
       subheading: Subheading
index d0539b2b081293e12d68d80b8b1058286c8167d8..2b3e07d6acb72b0221379ea0d0a80c681f383b78 100644 (file)
@@ -55,11 +55,15 @@ module RichText
       SimpleFormat.new.simple_format(text)
     end
 
-    def linkify(text)
+    def sanitize(text)
+      Sanitize.clean(text, Sanitize::Config::OSM).html_safe
+    end
+
+    def linkify(text, mode = :urls)
       if text.html_safe?
-        Rinku.auto_link(text, :urls, tag_builder.tag_options(:rel => "nofollow")).html_safe
+        Rinku.auto_link(text, mode, tag_builder.tag_options(:rel => "nofollow noopener noreferer")).html_safe
       else
-        Rinku.auto_link(text, :urls, tag_builder.tag_options(:rel => "nofollow"))
+        Rinku.auto_link(text, mode, tag_builder.tag_options(:rel => "nofollow noopener noreferer"))
       end
     end
   end
@@ -72,30 +76,16 @@ module RichText
     def to_text
       to_s
     end
-
-    private
-
-    def sanitize(text)
-      Sanitize.clean(text, Sanitize::Config::OSM).html_safe
-    end
   end
 
   class Markdown < Base
     def to_html
-      Markdown.html_parser.render(self).html_safe
+      linkify(sanitize(Kramdown::Document.new(self).to_html), :all)
     end
 
     def to_text
       to_s
     end
-
-    def self.html_renderer
-      @html_renderer ||= Redcarpet::Render::XHTML.new(:filter_html => true, :safe_links_only => true, :link_attributes => { :rel => "nofollow" })
-    end
-
-    def self.html_parser
-      @html_parser ||= Redcarpet::Markdown.new(html_renderer, :no_intra_emphasis => true, :autolink => true, :space_after_headers => true)
-    end
   end
 
   class Text < Base
index 74d396b687284fabfd38a9476445323a02014a20..e1603fb0968e6ab5a08a77bfbb9ff7d8f3fa1a16 100644 (file)
@@ -8,14 +8,14 @@ class RichTextTest < ActiveSupport::TestCase
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='http://example.com/']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("html", "foo <a href='http://example.com/'>bar</a> baz")
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='http://example.com/']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("html", "foo example@example.com bar")
@@ -27,7 +27,7 @@ class RichTextTest < ActiveSupport::TestCase
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='mailto:example@example.com']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("html", "foo <div>bar</div> baz")
@@ -64,28 +64,28 @@ class RichTextTest < ActiveSupport::TestCase
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='http://example.com/']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("markdown", "foo [bar](http://example.com/) baz")
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='http://example.com/']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("markdown", "foo example@example.com bar")
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='mailto:example@example.com']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("markdown", "foo [bar](mailto:example@example.com) bar")
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='mailto:example@example.com']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("markdown", "foo ![bar](http://example.com/example.png) bar")
@@ -162,7 +162,7 @@ class RichTextTest < ActiveSupport::TestCase
     assert_html r do
       assert_select "a", 1
       assert_select "a[href='http://example.com/']", 1
-      assert_select "a[rel='nofollow']", 1
+      assert_select "a[rel='nofollow noopener noreferer']", 1
     end
 
     r = RichText.new("text", "foo example@example.com bar")