Radish alpha
r
radicle-explorer
Radicle web interface
Radicle
Git (anonymous pull)
Log in to clone via SSH
Patches
Add markdown support to node description
did:key:z6MkfWmq...UvNm wants to merge 1 commit into master · opened 1 year ago

check check-visual check-unit-test check-http-client-unit-test check-radicle-httpd check-e2e check-build check-http

👉 Preview 👉 Workflow runs 👉 Branch on GitHub

Activity Commits 1 Changes +16 -2
did:key:z6MkfWmq...UvNm opened with revision 6fc58e092b04696453a679f9e33fcbed8df6b72c on base 870f0733fe9d525736f2b96b6f16094747cbb1e2 +2 -2 1 year ago
sebastinez commented on revision 1 1 year ago

Hey mog first thanks for your patch!

So having the node description being raw html has some security concerns around injection of malicious codes into nodes that can be executed on user machines, which we address by escaping it by svelte. If we want to apply your patch I think we should at least sanitize it with dompurify how we do it in some other places around the repo.

See this example in Markdown.svelte

did:key:z6MkfWmq...UvNm pushed revision 2 a1e1d0054b0089f3ef8630428b412db90eecaa1c on base 870f0733fe9d525736f2b96b6f16094747cbb1e2 +16 -2 1 year ago

changes requested by sebastinez

did:key:z6MkfWmq...UvNm commented on revision 1 1 year ago

Thanks for feedback. I think this is what you are looking for. If you look at https://rad.rldn.net, this is what I am trying to use it for, using the more secure version you suggested seems to work

did:key:z6MkfWmq...UvNm pushed revision 3 35bb5d7b46c5118686d7bd25d8e3405520cd98c1 on base 870f0733fe9d525736f2b96b6f16094747cbb1e2 +16 -2 1 year ago

fixes requested by sebastinez

better escaping of html

sebastinez pushed revision 4 f8541c057af9d88df869bef4ad7f0de48bc37f85 on base 870f0733fe9d525736f2b96b6f16094747cbb1e2 +8 -2 1 year ago

Simplify node description parsing

We probably don't need the markdown extension for the description.

sebastinez commented on revision 4 1 year ago

@mog would be ok with that change? I think we don't need the full featured markdown parsing we do for markdown files for the node description, wdyt?

did:key:z6MkfWmq...UvNm commented on revision 4 1 year ago

Yes this modified patch solves my issue

sebastinez pushed revision 5 f26594fd3bbc20c1f2a3f8ae582de8cb7ea13cbf on base 870f0733fe9d525736f2b96b6f16094747cbb1e2 +8 -2 1 year ago

Rename commits

sebastinez pushed revision 6 7c1c687ad674b18abdb3f50d14fa0e68e6b5331a on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +8 -2 1 year ago

Rebase

sebastinez pushed revision 7 70d8a6c5ad5824854a08fd46c7bddb7f075cfbc5 on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +128 -91 1 year ago
sebastinez pushed revision 8 7954898a5b85f97f0533afd7afaffd715867fc15 on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +132 -91 1 year ago
sebastinez pushed revision 9 e25e5c946f7398a4b140ff5c92b061419e2c3c8f on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +131 -88 1 year ago
sebastinez pushed revision 10 10bb8bcc6f106333d8f7e01900596ede7f585736 on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +136 -90 1 year ago

Add node description to tests to check for correct markdown parsing

sebastinez pushed revision 11 de4bd373c110cfd4589261c7437208ed09d0b9f9 on base b21b2bae5e735a6629f17120b2c64b0a790ff418 +88 -47 1 year ago

Move Renderer back

rudolfs accepted 1 year ago
Sign in with GitHub to comment