From 7f168d49a686a7e779b2012d6e05f8717c5400f9 Mon Sep 17 00:00:00 2001 From: j433866 Date: Fri, 12 Jul 2019 09:33:13 +0100 Subject: [PATCH 1/3] Add render markdown operation --- package.json | 1 + src/core/operations/RenderMarkdown.mjs | 59 ++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 src/core/operations/RenderMarkdown.mjs diff --git a/package.json b/package.json index 5dea14a9..88e4c8a2 100644 --- a/package.json +++ b/package.json @@ -129,6 +129,7 @@ "lodash": "^4.17.11", "loglevel": "^1.6.3", "loglevel-message-prefix": "^3.0.0", + "markdown-it": "^9.0.0", "moment": "^2.24.0", "moment-timezone": "^0.5.25", "ngeohash": "^0.6.3", diff --git a/src/core/operations/RenderMarkdown.mjs b/src/core/operations/RenderMarkdown.mjs new file mode 100644 index 00000000..d329e993 --- /dev/null +++ b/src/core/operations/RenderMarkdown.mjs @@ -0,0 +1,59 @@ +/** + * @author j433866 [j433866@gmail.com] + * @copyright Crown Copyright 2019 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import MarkdownIt from "markdown-it"; + +/** + * Render Markdown operation + */ +class RenderMarkdown extends Operation { + + /** + * RenderMarkdown constructor + */ + constructor() { + super(); + + this.name = "Render Markdown"; + this.module = "Default"; + this.description = "Renders Markdown as HTML."; + this.infoURL = "https://wikipedia.org/wiki/Markdown"; + this.inputType = "string"; + this.outputType = "html"; + this.args = [ + { + name: "Autoconvert URLs to links", + type: "boolean", + value: false + }, + { + name: "Convert \\n to <br>", + type: "boolean", + value: false + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {html} + */ + run(input, args) { + const [convertLinks, convertNewLine] = args, + md = new MarkdownIt({ + breaks: convertNewLine, + linkify: convertLinks + }), + rendered = md.render(input); + + return `
${rendered}
`; + } + +} + +export default RenderMarkdown; From b94eb6adb085bd454c08536f318ee66e15c6d451 Mon Sep 17 00:00:00 2001 From: j433866 Date: Thu, 29 Aug 2019 14:08:07 +0100 Subject: [PATCH 2/3] Add syntax highlighting Explicitly disable HTML rendering. Updated description. --- src/core/operations/RenderMarkdown.mjs | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/src/core/operations/RenderMarkdown.mjs b/src/core/operations/RenderMarkdown.mjs index d329e993..60afa0fb 100644 --- a/src/core/operations/RenderMarkdown.mjs +++ b/src/core/operations/RenderMarkdown.mjs @@ -4,8 +4,9 @@ * @license Apache-2.0 */ -import Operation from "../Operation"; +import Operation from "../Operation.mjs"; import MarkdownIt from "markdown-it"; +import hljs from "highlight.js"; /** * Render Markdown operation @@ -20,7 +21,7 @@ class RenderMarkdown extends Operation { this.name = "Render Markdown"; this.module = "Default"; - this.description = "Renders Markdown as HTML."; + this.description = "Renders input Markdown as HTML."; this.infoURL = "https://wikipedia.org/wiki/Markdown"; this.inputType = "string"; this.outputType = "html"; @@ -31,9 +32,9 @@ class RenderMarkdown extends Operation { value: false }, { - name: "Convert \\n to <br>", + name: "Enable syntax highlighting", type: "boolean", - value: false + value: true } ]; } @@ -44,10 +45,19 @@ class RenderMarkdown extends Operation { * @returns {html} */ run(input, args) { - const [convertLinks, convertNewLine] = args, + const [convertLinks, enableHighlighting] = args, md = new MarkdownIt({ - breaks: convertNewLine, - linkify: convertLinks + linkify: convertLinks, + html: false, // Explicitly disable HTML rendering + highlight: function(str, lang) { + if (lang && hljs.getLanguage(lang) && enableHighlighting) { + try { + return hljs.highlight(lang, str).value; + } catch (__) {} + } + + return ""; + } }), rendered = md.render(input); From f8d1cf2f60187b279fd4f2cd0c06279bca049eb0 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Fri, 30 Aug 2019 15:46:24 +0100 Subject: [PATCH 3/3] Tidied up 'Render Markdown' operation --- package-lock.json | 39 ++++++++++++++++++++++++-- src/core/config/Categories.json | 3 +- src/core/operations/RenderMarkdown.mjs | 4 +-- 3 files changed, 40 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index c19bbcb3..c716a9d7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2068,7 +2068,6 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, "requires": { "sprintf-js": "~1.0.2" } @@ -4786,6 +4785,11 @@ "tapable": "^1.0.0" } }, + "entities": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/entities/-/entities-1.1.2.tgz", + "integrity": "sha512-f2LZMYl1Fzu7YSBKg+RoROelpOaNrcGmE9AZubeDfrCEia483oW4MI4VyFd5VNHIgQ/7qm1I0wUHK1eJnn2y2w==" + }, "errno": { "version": "0.1.7", "resolved": "https://registry.npmjs.org/errno/-/errno-0.1.7.tgz", @@ -8786,6 +8790,14 @@ "resolved": "https://registry.npmjs.org/libyara-wasm/-/libyara-wasm-0.0.12.tgz", "integrity": "sha512-AjTe4FiBuH4F7HwGT/3UxoRenczXtrbM6oWGrifxb44LrkDh5VxRNg9zwfPpDA5Fcc1iYcXS0WVA/b3DGtD8cQ==" }, + "linkify-it": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-2.2.0.tgz", + "integrity": "sha512-GnAl/knGn+i1U/wjBz3akz2stz+HrHLsxMwHQGofCDfPvlf+gDKN58UtfmUquTY4/MXeE2x7k19KQmeoZi94Iw==", + "requires": { + "uc.micro": "^1.0.1" + } + }, "livereload-js": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/livereload-js/-/livereload-js-2.4.0.tgz", @@ -9141,6 +9153,18 @@ "object-visit": "^1.0.0" } }, + "markdown-it": { + "version": "9.1.0", + "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-9.1.0.tgz", + "integrity": "sha512-xHKG4C8iPriyfu/jc2hsCC045fKrMQ0VexX2F1FGYiRxDxqMB2aAhF8WauJ3fltn2kb90moGBkiiEdooGIg55w==", + "requires": { + "argparse": "^1.0.7", + "entities": "~1.1.1", + "linkify-it": "^2.0.0", + "mdurl": "^1.0.1", + "uc.micro": "^1.0.5" + } + }, "md5.js": { "version": "1.3.5", "resolved": "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz", @@ -9152,6 +9176,11 @@ "safe-buffer": "^5.1.2" } }, + "mdurl": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz", + "integrity": "sha1-/oWy7HWlkDfyrf7BAP1sYBdhFS4=" + }, "media-typer": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", @@ -12677,8 +12706,7 @@ "sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", - "dev": true + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=" }, "ssdeep.js": { "version": "0.0.2", @@ -13596,6 +13624,11 @@ "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-0.7.20.tgz", "integrity": "sha512-8OaIKfzL5cpx8eCMAhhvTlft8GYF8b2eQr6JkCyVdrgjcytyOmPCXrqXFcUnhonRpLlh5yxEZVohm6mzaowUOw==" }, + "uc.micro": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz", + "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==" + }, "uglify-js": { "version": "3.6.0", "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.0.tgz", diff --git a/src/core/config/Categories.json b/src/core/config/Categories.json index bfec8d72..99679570 100755 --- a/src/core/config/Categories.json +++ b/src/core/config/Categories.json @@ -358,7 +358,8 @@ "BSON serialise", "BSON deserialise", "To MessagePack", - "From MessagePack" + "From MessagePack", + "Render Markdown" ] }, { diff --git a/src/core/operations/RenderMarkdown.mjs b/src/core/operations/RenderMarkdown.mjs index 60afa0fb..c656bf5b 100644 --- a/src/core/operations/RenderMarkdown.mjs +++ b/src/core/operations/RenderMarkdown.mjs @@ -20,8 +20,8 @@ class RenderMarkdown extends Operation { super(); this.name = "Render Markdown"; - this.module = "Default"; - this.description = "Renders input Markdown as HTML."; + this.module = "Code"; + this.description = "Renders input Markdown as HTML. HTML rendering is disabled to avoid XSS."; this.infoURL = "https://wikipedia.org/wiki/Markdown"; this.inputType = "string"; this.outputType = "html";