Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-24 10:46:10 +01:00
forgejo/modules/setting
Alexander Scheel ee7df7ba8c Markdown: Sanitizier Configuration (#9075)
* Support custom sanitization policy

Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: #9054

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Document new sanitization configuration

 - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Drop extraneous length check in newMarkupSanitizer(...)

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Fix plural ELEMENT and ALLOW_ATTR in docs

These were left over from their initial names. Make them singular to
conform with the current expectations.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2019-12-07 14:49:04 -05:00
..
cache.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
cors.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
cron.go Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751) 2019-10-14 09:10:42 +03:00
database.go Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) 2019-10-21 22:20:47 +01:00
database_sqlite.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
database_test.go Move database settings from models to setting (#7806) 2019-08-24 11:24:45 +02:00
git.go Support git.PATH entry in app.ini (#6772) 2019-07-07 03:26:56 -04:00
indexer.go Restore Graceful Restarting & Socket Activation (#7274) 2019-10-15 14:39:51 +01:00
indexer_test.go Restrict repository indexing by glob match (#7767) 2019-09-11 20:26:28 +03:00
log.go Fix #9151 - smtp logger configuration sendTos should be an array (#9154) 2019-11-25 13:38:57 +00:00
mailer.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
markup.go Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
migrations.go Add retry for migration http/https requests (#9019) 2019-11-16 16:30:06 +08:00
repository.go Configurable close and reopen keywords for PRs (#8120) 2019-10-30 14:43:59 +02:00
service.go Auto-subscribe user to repository when they commit/tag to it (#7657) 2019-11-10 09:22:19 +00:00
session.go Use gitea forked macaron (#7933) 2019-08-23 12:40:29 -04:00
setting.go Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092) 2019-12-06 13:34:54 +08:00
task.go Move migrating repository from frontend to backend (#6200) 2019-10-13 21:23:14 +08:00
webhook.go Webhook support custom proxy (#8760) 2019-11-08 16:25:53 -05:00