Radish alpha
r
radicle-explorer
rad:z4V1sjrXqjvFdnCUbxPFqd5p4DtH5
Radicle web interface
Radicle
Git
Patches β€Ί 6fc58e09
Add markdown support to node description
Open did:key:z6MkfWmq...UvNm opened 1 year ago

check check-visual check-unit-test check-http-client-unit-test check-radicle-httpd check-e2e check-build check-http

πŸ‘‰ Preview πŸ‘‰ Workflow runs πŸ‘‰ Branch on GitHub

Activity Changes +0 -0
did:key:z6MkfWmq...UvNm opened with revision 6fc58e09 on base 870f0733 +2 -2 1 year ago

check check-visual check-unit-test check-http-client-unit-test check-radicle-httpd check-e2e check-build check-http

πŸ‘‰ Preview πŸ‘‰ Workflow runs πŸ‘‰ Branch on GitHub

did:key:z6MkkfM3...sVz5 commented on revision 1 1 year ago

Hey mog first thanks for your patch!

So having the node description being raw html has some security concerns around injection of malicious codes into nodes that can be executed on user machines, which we address by escaping it by svelte. If we want to apply your patch I think we should at least sanitize it with dompurify how we do it in some other places around the repo.

See this example in Markdown.svelte

did:key:z6MkfWmq...UvNm pushed revision 2 a1e1d005 on base 870f0733 +16 -2 1 year ago

changes requested by sebastinez

did:key:z6MkfWmq...UvNm commented on revision 1 1 year ago

Thanks for feedback. I think this is what you are looking for. If you look at https://rad.rldn.net, this is what I am trying to use it for, using the more secure version you suggested seems to work

did:key:z6MkfWmq...UvNm pushed revision 3 35bb5d7b on base 870f0733 +16 -2 1 year ago

fixes requested by sebastinez

better escaping of html

did:key:z6MkkfM3...sVz5 pushed revision 4 f8541c05 on base 870f0733 +8 -2 1 year ago

Simplify node description parsing

We probably don’t need the markdown extension for the description.

did:key:z6MkkfM3...sVz5 commented on revision 4 1 year ago

@mog would be ok with that change? I think we don’t need the full featured markdown parsing we do for markdown files for the node description, wdyt?

did:key:z6MkfWmq...UvNm commented on revision 4 1 year ago

Yes this modified patch solves my issue

did:key:z6MkkfM3...sVz5 pushed revision 5 f26594fd on base 870f0733 +8 -2 1 year ago

Rename commits

did:key:z6MkkfM3...sVz5 pushed revision 6 7c1c687a on base b21b2bae +8 -2 1 year ago

Rebase

did:key:z6MkkfM3...sVz5 pushed revision 7 70d8a6c5 on base b21b2bae +128 -91 1 year ago
did:key:z6MkkfM3...sVz5 pushed revision 8 7954898a on base b21b2bae +132 -91 1 year ago
did:key:z6MkkfM3...sVz5 pushed revision 9 e25e5c94 on base b21b2bae +131 -88 1 year ago
did:key:z6MkkfM3...sVz5 pushed revision 10 10bb8bcc on base b21b2bae +136 -90 1 year ago

Add node description to tests to check for correct markdown parsing

did:key:z6MkkfM3...sVz5 pushed revision 11 de4bd373 on base b21b2bae +88 -47 1 year ago

Move Renderer back

rudolfs accepted 1 year ago
Sign in with GitHub to comment