summaryrefslogtreecommitdiff
path: root/public
diff options
context:
space:
mode:
authorSheogorath2018-02-25 14:48:50 +0100
committerSheogorath2018-02-25 14:54:21 +0100
commit5d347d583d16d38333c84cfba4219826e45dfd0b (patch)
treeb3b475ab5405353ad4d91e8729471119c6d5650c /public
parentf642a1159900b332d3e88efd538cec22e3c8615a (diff)
Extend HTML5 support by whitelisting various tags
HTML5 provides a wide feature set of useful elements. Since Markdown usually supports HTML it should be able to use these HTML5 tags as well. As they were requested by some users and they where checked for being safe, whitelisting them isn't a problem. To make the experience the same as on GitHub when it comes to the basic look and feel of the rendered markdown, some CSS was added to make the summary and the details tag look like on GitHub. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to '')
-rw-r--r--public/css/markdown.css9
-rw-r--r--public/js/render.js12
2 files changed, 20 insertions, 1 deletions
diff --git a/public/css/markdown.css b/public/css/markdown.css
index 6741729d..36e45781 100644
--- a/public/css/markdown.css
+++ b/public/css/markdown.css
@@ -188,3 +188,12 @@
.markdown-body .alert > ul {
margin-bottom: 0;
}
+
+/* Make details boxes look like on GitHub */
+.markdown-body details summary {
+ cursor: pointer;
+}
+
+.markdown-body summary {
+ display: list-item;
+}
diff --git a/public/js/render.js b/public/js/render.js
index 46489247..860f8272 100644
--- a/public/js/render.js
+++ b/public/js/render.js
@@ -19,8 +19,18 @@ whiteList['style'] = []
whiteList['kbd'] = []
// allow ifram tag with some safe attributes
whiteList['iframe'] = ['allowfullscreen', 'name', 'referrerpolicy', 'sandbox', 'src', 'width', 'height']
-// allow summary tag
+// allow details tag
+whiteList['details'] = []
+// allow summary tag for details
whiteList['summary'] = []
+// allow ruby tag
+whiteList['ruby'] = []
+// allow rt tag for ruby
+whiteList['rt'] = []
+// allow figure tag
+whiteList['figure'] = []
+// allow figcaption tag
+whiteList['figcaption'] = []
var filterXSSOptions = {
allowCommentTag: true,