mirror of
https://github.com/go-gitea/gitea.git
synced 2024-12-17 00:24:46 +01:00
1bf9e44bda
In #9888, it was reported that my earlier pull request #9075 didn't quite function as expected. I was quite hopeful the `ValuesWithShadow()` worked as expected (and, I thought my testing showed it did) but I guess not. @zeripath proposed an alternative syntax which I like: ```ini [markup.sanitizer.1] ELEMENT=a ALLOW_ATTR=target REGEXP=something [markup.sanitizer.2] ELEMENT=a ALLOW_ATTR=target REGEXP=something ``` This was quite easy to adopt into the existing code. I've done so in a semi-backwards-compatible manner: - The value from `.Value()` is used for each element. - We parse `[markup.sanitizer]` and all `[markup.sanitizer.*]` sections and add them as rules. This means that existing configs will load one rule (not all rules). It also means people can use string identifiers (`[markup.sanitiser.KaTeX]`) if they prefer, instead of numbered ones. Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> |
||
---|---|---|
.. | ||
cache.go | ||
cors.go | ||
cron.go | ||
database_sqlite.go | ||
database_test.go | ||
database.go | ||
git.go | ||
indexer_test.go | ||
indexer.go | ||
log.go | ||
mailer.go | ||
markup.go | ||
migrations.go | ||
queue.go | ||
repository.go | ||
service.go | ||
session.go | ||
setting.go | ||
task.go | ||
webhook.go |