markdown: let Parsedown escape content
Letting Parsedown escape the content, instead of calling htmlspecialchars provides more context to the escape process. For example the ampersand character can now be used in markdown links as part of the url without breaking.
This commit is contained in:
Tobias Wiese
Igor Scheller
parent
e2a99a5b1d
commit
9db8773150
|
|
@ -40,10 +40,6 @@ class Markdown extends TwigExtension
|
||||||
*/
|
*/
|
||||||
public function render(string $text, bool $escapeHtml = true): string
|
public function render(string $text, bool $escapeHtml = true): string
|
||||||
{
|
{
|
||||||
if ($escapeHtml) {
|
return $this->renderer->setSafeMode($escapeHtml)->text($text);
|
||||||
$text = htmlspecialchars($text);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->renderer->text($text);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,10 +13,7 @@ class MarkdownTest extends ExtensionTest
|
||||||
*/
|
*/
|
||||||
public function testGeFilters()
|
public function testGeFilters()
|
||||||
{
|
{
|
||||||
/** @var Parsedown|MockObject $renderer */
|
$extension = new Markdown(new Parsedown());
|
||||||
$renderer = $this->createMock(Parsedown::class);
|
|
||||||
|
|
||||||
$extension = new Markdown($renderer);
|
|
||||||
$filters = $extension->getFilters();
|
$filters = $extension->getFilters();
|
||||||
|
|
||||||
$this->assertExtensionExists('markdown', [$extension, 'render'], $filters);
|
$this->assertExtensionExists('markdown', [$extension, 'render'], $filters);
|
||||||
|
|
@ -29,17 +26,12 @@ class MarkdownTest extends ExtensionTest
|
||||||
*/
|
*/
|
||||||
public function testRender()
|
public function testRender()
|
||||||
{
|
{
|
||||||
/** @var Parsedown|MockObject $renderer */
|
$extension = new Markdown(new Parsedown());
|
||||||
$renderer = $this->createMock(Parsedown::class);
|
|
||||||
|
|
||||||
$return = '<p>Lorem <em>"Ipsum"</em></p>';
|
$this->assertEquals(
|
||||||
$renderer->expects($this->once())
|
'<p><i>Lorem</i> <em>"Ipsum"</em></p>',
|
||||||
->method('text')
|
$extension->render('<i>Lorem</i> *"Ipsum"*'),
|
||||||
->with('Lorem *"Ipsum"*')
|
);
|
||||||
->willReturn($return);
|
|
||||||
|
|
||||||
$extension = new Markdown($renderer);
|
|
||||||
$this->assertEquals($return, $extension->render('Lorem *"Ipsum"*'));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -47,17 +39,12 @@ class MarkdownTest extends ExtensionTest
|
||||||
*/
|
*/
|
||||||
public function testRenderHtml()
|
public function testRenderHtml()
|
||||||
{
|
{
|
||||||
/** @var Parsedown|MockObject $renderer */
|
$renderer = new Parsedown();
|
||||||
$renderer = $this->createMock(Parsedown::class);
|
|
||||||
|
|
||||||
$input = '<i>**test**</i>';
|
|
||||||
$return = '<p><strong><i>**test**</i></strong></p>';
|
|
||||||
$renderer->expects($this->once())
|
|
||||||
->method('text')
|
|
||||||
->with($input)
|
|
||||||
->willReturn($return);
|
|
||||||
|
|
||||||
$extension = new Markdown($renderer);
|
$extension = new Markdown($renderer);
|
||||||
$this->assertEquals($return, $extension->render($input, false));
|
|
||||||
|
$this->assertEquals(
|
||||||
|
'<p><i>Lorem</i> <em>"Ipsum"</em></p>',
|
||||||
|
$extension->render('<i>Lorem</i> *"Ipsum"*', false),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue