diff options
Diffstat (limited to 'public/js')
| -rw-r--r-- | public/js/extra.js | 43 | ||||
| -rw-r--r-- | public/js/index.js | 15 | ||||
| -rw-r--r-- | public/js/lib/appState.js | 3 | ||||
| -rw-r--r-- | public/js/lib/editor/index.js | 8 | ||||
| -rw-r--r-- | public/js/lib/editor/ui-elements.js | 1 | ||||
| -rw-r--r-- | public/js/locale.js | 3 | ||||
| -rw-r--r-- | public/js/mathjax-config-extra.js | 8 | ||||
| -rw-r--r-- | public/js/render.js | 4 | ||||
| -rw-r--r--[-rwxr-xr-x] | public/js/reveal-markdown.js | 2 | ||||
| -rw-r--r-- | public/js/slide.js | 3 |
10 files changed, 66 insertions, 24 deletions
diff --git a/public/js/extra.js b/public/js/extra.js index bf388139..ec7d39da 100644 --- a/public/js/extra.js +++ b/public/js/extra.js @@ -156,7 +156,11 @@ export function renderTags (view) { } function slugifyWithUTF8 (text) { - let newText = S(text.toLowerCase()).trim().stripTags().dasherize().s + // remove html tags and trim spaces + let newText = S(text).trim().stripTags().s + // replace all spaces in between to dashes + newText = newText.replace(/\s+/g, '-') + // slugify string to make it valid for attribute newText = newText.replace(/([!"#$%&'()*+,./:;<=>?@[\\\]^`{|}~])/g, '') return newText } @@ -373,22 +377,19 @@ export function finishView (view) { var $value = $(value) const $ele = $(value).closest('pre') - let mermaidError = null - window.mermaid.parseError = (err, hash) => { - mermaidError = err + window.mermaid.mermaidAPI.parse($value.text()) + $ele.addClass('mermaid') + $ele.html($value.text()) + window.mermaid.init(undefined, $ele) + } catch (err) { + var errormessage = err + if (err.str) { + errormessage = err.str } - if (window.mermaidAPI.parse($value.text())) { - $ele.addClass('mermaid') - $ele.html($value.text()) - window.mermaid.init(undefined, $ele) - } else { - throw new Error(mermaidError) - } - } catch (err) { $value.unwrap() - $value.parent().append('<div class="alert alert-warning">' + err + '</div>') - console.warn(err) + $value.parent().append('<div class="alert alert-warning">' + errormessage + '</div>') + console.warn(errormessage) } }) // abc.js @@ -559,6 +560,15 @@ export function finishView (view) { // only static transform should be here export function postProcess (code) { const result = $(`<div>${code}</div>`) + // process style tags + result.find('style').each((key, value) => { + let html = $(value).html() + // unescape > symbel inside the style tags + html = html.replace(/>/g, '>') + // remove css @import to prevent XSS + html = html.replace(/@import url\(([^)]*)\);?/gi, '') + $(value).html(html) + }) // link should open in new window or tab result.find('a:not([href^="#"]):not([target])').attr('target', '_blank') // update continue line numbers @@ -997,9 +1007,10 @@ md.use(markdownitContainer, 'info', { render: renderContainer }) md.use(markdownitContainer, 'warning', { render: renderContainer }) md.use(markdownitContainer, 'danger', { render: renderContainer }) +let defaultImageRender = md.renderer.rules.image md.renderer.rules.image = function (tokens, idx, options, env, self) { tokens[idx].attrJoin('class', 'raw') - return self.renderToken(...arguments) + return defaultImageRender(...arguments) } md.renderer.rules.list_item_open = function (tokens, idx, options, env, self) { tokens[idx].attrJoin('class', 'raw') @@ -1083,7 +1094,7 @@ const gistPlugin = new Plugin( (match, utils) => { const gistid = match[1] - const code = `<code data-gist-id="${gistid}"/>` + const code = `<code data-gist-id="${gistid}"></code>` return code } ) diff --git a/public/js/index.js b/public/js/index.js index b336af90..5ff716fd 100644 --- a/public/js/index.js +++ b/public/js/index.js @@ -1633,6 +1633,10 @@ ui.toolbar.view.click(function () { ui.toolbar.both.click(function () { changeMode(modeType.both) }) + +ui.toolbar.night.click(function () { + toggleNightMode() +}) // permission // freely ui.infobar.permission.freely.click(function () { @@ -1666,6 +1670,17 @@ $('.ui-delete-modal-confirm').click(function () { socket.emit('delete') }) +function toggleNightMode () { + var $body = $('body') + var isActive = ui.toolbar.night.hasClass('active') + if (isActive) { + $body.removeClass('night') + appState.nightMode = false + } else { + $body.addClass('night') + appState.nightMode = true + } +} function emitPermission (_permission) { if (_permission !== permission) { socket.emit('permission', _permission) diff --git a/public/js/lib/appState.js b/public/js/lib/appState.js index fb8030e1..87aaf737 100644 --- a/public/js/lib/appState.js +++ b/public/js/lib/appState.js @@ -2,7 +2,8 @@ import modeType from './modeType' let state = { syncscroll: true, - currentMode: modeType.view + currentMode: modeType.view, + nightMode: false } export default state diff --git a/public/js/lib/editor/index.js b/public/js/lib/editor/index.js index 2991998b..003b32b7 100644 --- a/public/js/lib/editor/index.js +++ b/public/js/lib/editor/index.js @@ -74,6 +74,8 @@ export default class Editor { }, 'Cmd-Left': 'goLineLeftSmart', 'Cmd-Right': 'goLineRight', + 'Home': 'goLineLeftSmart', + 'End': 'goLineRight', 'Ctrl-C': function (cm) { if (!isMac && cm.getOption('keyMap').substr(0, 3) === 'vim') { document.execCommand('copy') @@ -169,13 +171,13 @@ export default class Editor { this.statusLength.text('Length ' + docLength) if (docLength > (config.docmaxlength * 0.95)) { this.statusLength.css('color', 'red') - this.statusLength.attr('title', 'Your almost reach note max length limit.') + this.statusLength.attr('title', 'You have almost reached the limit for this document.') } else if (docLength > (config.docmaxlength * 0.8)) { this.statusLength.css('color', 'orange') - this.statusLength.attr('title', 'You nearly fill the note, consider to make more pieces.') + this.statusLength.attr('title', 'This document is nearly full, consider splitting it or creating a new one.') } else { this.statusLength.css('color', 'white') - this.statusLength.attr('title', 'You could write up to ' + config.docmaxlength + ' characters in this note.') + this.statusLength.attr('title', 'You can write up to ' + config.docmaxlength + ' characters in this document.') } } diff --git a/public/js/lib/editor/ui-elements.js b/public/js/lib/editor/ui-elements.js index 0d330d77..88a1e3ca 100644 --- a/public/js/lib/editor/ui-elements.js +++ b/public/js/lib/editor/ui-elements.js @@ -37,6 +37,7 @@ export const getUIElements = () => ({ edit: $('.ui-edit'), view: $('.ui-view'), both: $('.ui-both'), + night: $('.ui-night'), uploadImage: $('.ui-upload-image') }, infobar: { diff --git a/public/js/locale.js b/public/js/locale.js index 2a2c1814..71c0f99f 100644 --- a/public/js/locale.js +++ b/public/js/locale.js @@ -11,6 +11,9 @@ $('.ui-locale option').each(function () { }) if (Cookies.get('locale')) { lang = Cookies.get('locale') + if (lang === 'zh') { + lang = 'zh-TW' + } } else if (supportLangs.indexOf(userLang) !== -1) { lang = supportLangs[supportLangs.indexOf(userLang)] } else if (supportLangs.indexOf(userLangCode) !== -1) { diff --git a/public/js/mathjax-config-extra.js b/public/js/mathjax-config-extra.js new file mode 100644 index 00000000..11ba59c6 --- /dev/null +++ b/public/js/mathjax-config-extra.js @@ -0,0 +1,8 @@ +window.MathJax = { + messageStyle: 'none', + skipStartupTypeset: true, + tex2jax: { + inlineMath: [['$', '$'], ['\\(', '\\)']], + processEscapes: true + } +} diff --git a/public/js/render.js b/public/js/render.js index 88a05bde..46489247 100644 --- a/public/js/render.js +++ b/public/js/render.js @@ -18,7 +18,7 @@ whiteList['style'] = [] // allow kbd tag whiteList['kbd'] = [] // allow ifram tag with some safe attributes -whiteList['iframe'] = ['allowfullscreen', 'name', 'referrerpolicy', 'sandbox', 'src', 'srcdoc', 'width', 'height'] +whiteList['iframe'] = ['allowfullscreen', 'name', 'referrerpolicy', 'sandbox', 'src', 'width', 'height'] // allow summary tag whiteList['summary'] = [] @@ -27,7 +27,7 @@ var filterXSSOptions = { whiteList: whiteList, escapeHtml: function (html) { // allow html comment in multiple lines - return html.replace(/<(.*?)>/g, '<$1>') + return html.replace(/<(?!!--)/g, '<').replace(/-->/g, '__HTML_COMMENT_END__').replace(/>/g, '>').replace(/__HTML_COMMENT_END__/g, '-->') }, onIgnoreTag: function (tag, html, options) { // allow comment tag diff --git a/public/js/reveal-markdown.js b/public/js/reveal-markdown.js index 94f6fb91..d15b5ebd 100755..100644 --- a/public/js/reveal-markdown.js +++ b/public/js/reveal-markdown.js @@ -320,7 +320,7 @@ import { md } from './extra' var notes = section.querySelector('aside.notes') var markdown = getMarkdownFromSlide(section) - + markdown = markdown.replace(/</g, '<').replace(/>/g, '>') var rendered = md.render(markdown) rendered = preventXSS(rendered) var result = window.postProcess(rendered) diff --git a/public/js/slide.js b/public/js/slide.js index 293ebfe2..59a352ec 100644 --- a/public/js/slide.js +++ b/public/js/slide.js @@ -4,9 +4,10 @@ require('../css/extra.css') require('../css/site.css') +import { preventXSS } from './render' import { md, updateLastChange, removeDOMEvents, finishView } from './extra' -const body = $('.slides').text() +const body = preventXSS($('.slides').text()) window.createtime = window.lastchangeui.time.attr('data-createtime') window.lastchangetime = window.lastchangeui.time.attr('data-updatetime') |