From f2ebf4b10a0b6ec0de13d34e34fe0f722d632535 Mon Sep 17 00:00:00 2001 From: joyqi Date: Wed, 25 Jan 2017 12:12:25 +0800 Subject: [PATCH] add some useful html tag to markdown whitelist --- admin/editor-js.php | 9 +++++++++ var/HyperDown.php | 2 +- var/Markdown.php | 8 ++++++++ 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/admin/editor-js.php b/admin/editor-js.php index 2d729913..808bee9c 100644 --- a/admin/editor-js.php +++ b/admin/editor-js.php @@ -65,6 +65,15 @@ $(document).ready(function () { span = '', cache = {}; + // 修正白名单 + converter.commonWhiteList += '|img|cite|embed|iframe'; + converter.specialWhiteList = $.extend(converter.specialWhiteList, { + 'ol' : 'ol|li', + 'ul' : 'ul|li', + 'blockquote' : 'blockquote', + 'pre' : 'pre|code' + }); + // 自动跟随 converter.hook('makeHtml', function (html) { // convert all comment diff --git a/var/HyperDown.php b/var/HyperDown.php index c115221f..d0b0a81c 100644 --- a/var/HyperDown.php +++ b/var/HyperDown.php @@ -22,7 +22,7 @@ class HyperDown * @var mixed * @access private */ - private $_specialWhiteList = array( + public $_specialWhiteList = array( 'table' => 'table|tbody|thead|tfoot|tr|td|th' ); diff --git a/var/Markdown.php b/var/Markdown.php index a097d1d1..0186cba2 100644 --- a/var/Markdown.php +++ b/var/Markdown.php @@ -27,6 +27,14 @@ class Markdown self::$parser = new HyperDown(); self::$parser->hook('afterParseCode', array('Markdown', 'transerCodeClass')); self::$parser->hook('beforeParseInline', array('Markdown', 'transerComment')); + + self::$parser->_commonWhiteList .= '|img|cite|embed|iframe'; + self::$parser->_specialWhiteList = array_merge(self::$parser->_specialWhiteList, array( + 'ol' => 'ol|li', + 'ul' => 'ul|li', + 'blockquote' => 'blockquote', + 'pre' => 'pre|code' + )); } return self::$parser->makeHtml($text);