gitea/modules/markup
KN4CK3R a09b40de8d
Prevent double sanitize (#16386)
* Prevent double sanitize.
* Use SanitizeReaderToWriter.

At the moment `actualRender` uses `SanitizeReader` to sanitize the output. But `SanitizeReader` gets called in `markup.render` too so the output gets sanitized twice.

I moved the `SanitizeReader` call into `RenderRaw` because this method does not use `markup.render`. I would like to remove the `RenderRaw`/`RenderRawString` methods too because they are only called from tests, the fuzzer and the `/markup/raw` api endpoint. This endpoint is not in use so I think we could remove them. If we really in the future need a method to render markdown without PostProcessing we could achieve this with a more flexible `renderer.NeedPostProcess` method.
2021-11-19 18:46:47 +08:00
..
common
csv Properly determine CSV delimiter (#17459) 2021-10-30 23:50:40 +08:00
external
markdown Prevent double sanitize (#16386) 2021-11-19 18:46:47 +08:00
mdstripper A better go code formatter, and now `make fmt` can run in Windows (#17684) 2021-11-17 20:34:35 +08:00
orgmode
html.go
html_internal_test.go
html_test.go
renderer.go Prevent double sanitize (#16386) 2021-11-19 18:46:47 +08:00
renderer_test.go A better go code formatter, and now `make fmt` can run in Windows (#17684) 2021-11-17 20:34:35 +08:00
sanitizer.go Prevent double sanitize (#16386) 2021-11-19 18:46:47 +08:00
sanitizer_test.go