Commit Graph

275 Commits

Author SHA1 Message Date
wxiaoguang 578c02d652
Improve some sanitizer rules (#32534)
This is a backport-only fix for 1.22

1.23 has a proper fix #32533
2024-11-18 03:42:30 +00:00
Lunny Xiao d9c65c9a52
Upgrade bleve to 2.4.2 (#31894)
backport #31762
2024-08-21 05:13:59 +00:00
Giteabot 3fe1f73268
Fix raw wiki links (#31825) (#31845)
Backport #31825 by @Zettat123

Fix #31395

This regression is introduced by #30273. To find out how GitHub handles
this case, I did [some
tests](https://github.com/go-gitea/gitea/issues/31395#issuecomment-2278929115).

I use redirect in this PR instead of checking if the corresponding `.md`
file exists when rendering the link because GitHub also uses redirect.
With this PR, there is no need to resolve the raw wiki link when
rendering a wiki page. If a wiki link points to a raw file, access will
be redirected to the raw link.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-17 03:19:26 +00:00
Giteabot 144648a4af
Fix `IsObjectExist` with gogit (#31790) (#31806)
Backport #31790 by @wolfogre

Fix #31271.

When gogit is enabled, `IsObjectExist` calls
`repo.gogitRepo.ResolveRevision`, which is not correct. It's for
checking references not objects, it could work with commit hash since
it's both a valid reference and a commit object, but it doesn't work
with blob objects.

So it causes #31271 because it reports that all blob objects do not
exist.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-09 15:43:23 +08:00
Giteabot be302f3025
Support relative paths to videos from Wiki pages (#31061) (#31453)
Backport #31061 by @sergeyvfx

This change fixes cases when a Wiki page refers to a video stored in the
Wiki repository using relative path. It follows the similar case which
has been already implemented for images.

Test plan:
- Create repository and Wiki page
- Clone the Wiki repository
- Add video to it, say `video.mp4`
- Modify the markdown file to refer to the video using `<video
src="video.mp4">`
- Commit the Wiki page
- Observe that the video is properly displayed

Co-authored-by: Sergey Sharybin <sergey.vfx@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-22 00:03:31 +03:00
Giteabot 7fbcc58062
Fix markdown math brackets render problem (#31420) (#31430)
Backport #31420 by charles7668

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-20 17:45:08 +08:00
wxiaoguang 042e9fcd81
Fix rendered wiki page link (#31398) (#31407)
Backport #31398

Fix #31395
2024-06-19 11:23:24 +08:00
wxiaoguang fa307167f9
Fix missing images in editor preview due to wrong links (#31299) (#31393)
Backport #31299

Parse base path and tree path so that media links can be correctly
created with /media/.

Resolves #31294

---------

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-06-17 15:07:21 +08:00
Giteabot 6ca70c5bf2
Fix hash render end with colon (#31319) (#31346)
Backport #31319 by @lunny

Fix a hash render problem like `<hash>: xxxxx` which is usually used in
release notes.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-13 01:14:49 +00:00
Giteabot 1c1c2d36e8
Make blockquote attention recognize more syntaxes (#31240) (#31250)
Backport #31240 by wxiaoguang

Fix #31214

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-04 16:03:01 +00:00
Giteabot 5136c879c2
Make pasted "img" tag has the same behavior as markdown image (#31235) (#31243)
Backport #31235 by wxiaoguang

Fix #31230

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-04 13:26:55 +00:00
Giteabot b6280f4d21
Split sanitizer functions and fine-tune some tests (#31192) (#31200)
Backport #31192 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-31 13:54:14 +00:00
wxiaoguang d4c2db39bf
Refactor AppURL usage (#30885) (#30891)
Backport #30885
Fix #30883
Fix #29591

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-08 13:34:43 +00:00
Giteabot 471b411873
Fix markdown URL parsing for commit ID (#30812) (#30855)
Backport #30812 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-04 12:04:05 +08:00
Giteabot ac91bb27ff
Fix markdown rendering when mentioning users (#30795) (#30810)
Backport #30795 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-02 09:48:24 +08:00
silverwind 74f0c84fa4
Enable more `revive` linter rules (#30608)
Noteable additions:

- `redefines-builtin-id` forbid variable names that shadow go builtins
- `empty-lines` remove unnecessary empty lines that `gofumpt` does not
remove for some reason
- `superfluous-else` eliminate more superfluous `else` branches

Rules are also sorted alphabetically and I cleaned up various parts of
`.golangci.yml`.
2024-04-22 11:48:42 +00:00
Rafael c1f76aea45
Use raw Wiki links for non-renderable Wiki files (#30273)
In Wiki pages, short-links created to local Wiki files were always
expanded as regular Wiki Links. In particular, if a link wanted to point
to a file that Gitea doesn't know how to render (e.g, a .zip file), a
user following the link would be silently redirected to the Wiki's home
page.

This change makes short-links* in Wiki pages be expanded to raw wiki
links, so these local wiki files may be accessed without manually
accessing their URL.

* only short-links ending in a file extension that isn't renderable are
affected.

Closes #27121.

Signed-off-by: Rafael Girão <rafael.s.girao@tecnico.ulisboa.pt>
Co-authored-by: silverwind <me@silverwind.io>
2024-04-10 17:49:57 +00:00
wxiaoguang 7396172a02
Fix code block style for code preview (#30298)
Fix #30292

To avoid unnecessary style overriding, use "div" instead of "code"
2024-04-06 20:07:08 +08:00
João Tiago e006451ab1
Fixes #27605: inline math blocks can't be preceeded/followed by alphanumerical characters (#30175)
- Inline math blocks couldn't be preceeded or succeeded by
alphanumerical characters due to changes introduced in PR #21171.
Removed the condition that caused this (precedingCharacter condition)
and added a new exit condition of the for-loop that checks if a specific
'$' was escaped using '\' so that the math expression can be rendered as
intended.
- Additionally this PR fixes another bug where math blocks of the type
'$xyz$abc$' where the dollar sign was not escaped by the user, generated
an error (shown in the screenshots below)
- Altered the tests to accomodate for the changes

Former behaviour (from try.gitea.io):

![image](https://github.com/go-gitea/gitea/assets/114936010/8f0cbb21-321d-451c-b871-c67a8e1e9235)

Fixed behaviour (from my local build):

![image](https://github.com/go-gitea/gitea/assets/114936010/5c22687c-6f11-4407-b5e7-c14b838bc20d)

(Edit) Source code for the README.md file:
```
$x$ -$x$ $x$-

a$xa$ $xa$a 1$xb$ $xb$1

$a a$b b$

a$b $a a$b b$

$a a\$b b$
```

---------

Signed-off-by: João Tiago <joao.leal.tintas@tecnico.ulisboa.pt>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-02 18:15:40 +00:00
wxiaoguang ca5c895efb
Render embedded code preview by permlink in markdown (#30234)
The permlink in markdown will be rendered as a code preview block, like GitHub

Co-authored-by: silverwind <me@silverwind.io>
2024-04-02 17:48:27 +00:00
wxiaoguang ab028356c7
Fix markdown color code detection (#30208)
When reviewing PRs, some color names might be mentioned, the
`transformCodeSpan` (which calls `css.ColorHandler`) considered it as a
valid color, but actually it shouldn't be rendered as a color codespan.
2024-03-31 19:17:34 +08:00
wxiaoguang 71706126b5
Refactor markdown render (#30139)
Only split the file into small ones (and rename AttentionTypes to
attentionTypes)
2024-03-28 02:26:13 +00:00
Lunny Xiao 400bb7ced4
Fix bug for markdown rendering of blockquote (#30130)
Caused by #29984

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-27 17:09:25 +08:00
wxiaoguang 2ff213bbc1
Refactor markdown attention render (#29984)
Follow #29833 and add tests
2024-03-22 12:16:23 +00:00
wxiaoguang 226231ea27
Fix some pending problems (#29985)
These changes are quite independent and trivial, so I don't want to open
too many PRs.

* https://github.com/go-gitea/gitea/pull/29882#discussion_r1529607091
    * the `f.Close` should be called properly
* the error message could be more meaningful
(https://github.com/go-gitea/gitea/pull/29882#pullrequestreview-1942557935)
*
https://github.com/go-gitea/gitea/pull/29859#pullrequestreview-1942324716
    * the new translation strings don't take arguments
* https://github.com/go-gitea/gitea/pull/28710#discussion_r1443778807
    * stale for long time
*  #28140 
    * a form was forgotten to be changed to work with backend code
2024-03-22 19:17:30 +08:00
coldWater 0e183d81fc
Fix missing error check of bufio.Scanner (#29882)
maybe more
2024-03-19 02:20:36 +00:00
wxiaoguang 66902d89e5
Refactor markdown attention render (#29833)
* Remove some deadcode
* Use 2-word name for CSS class names
* Remove "gt-*" rules for sanitizer

The UI doesn't change much.
2024-03-16 11:34:38 +00:00
coldWater e79a807a84
Refactor markup/csv: don't read all to memory (#29760) 2024-03-14 02:51:55 +00:00
KN4CK3R 85c59d6c21
Use relative links for commits, mentions, and issues in markdown (#29427)
Fixes #29404

Use relative links for
- commits
- mentions
- issues

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-03-13 10:34:58 +00:00
yp05327 8fc1a8f0eb
Fix inconsistent rendering of block mathematical expressions (#29677)
Fix #28735

GitHub render `\```math\``` ` as a block now.
Add `display` class will render it as a block.

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/2a1c20c7-438e-4ab1-8c66-cf91c8343087)

![image](https://github.com/go-gitea/gitea/assets/18380374/b81b8a93-8bca-46a5-b7db-e0d2f53e1342)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-03-11 05:00:50 +00:00
Ankit R Gadiya 5665a0212b
fix: rendering internal file links in org (#29669)
The internal links to other files in the repository were not rendering
with the Src Prefix (/src/branch-name/file-path). This commit fixes that
by using the `SrcLink` as base if available.

Resolves #29668
2024-03-10 18:30:14 +02:00
Yarden Shoham b5c418f271
Don't use `<br />` in alert block (#29650)
- Follows https://github.com/go-gitea/gitea/pull/29121

When I implemented alert blocks I was always testing the markdown in
issue comments. I used `<br />` for line breaks and it looked good. I
have since learned that the markdown on README files doesn't allow these
tags. So a comment with

```md
> [!NOTE]
> If you're interested in using our APIs, we have experimental support with [documentation](https://try.gitea.io/api/swagger).
```

looked like this in a comment

![image](https://github.com/go-gitea/gitea/assets/20454870/96b1de01-2c87-4d4f-83dd-98192b83e9d0)
but looked like this in a README

![image](https://github.com/go-gitea/gitea/assets/20454870/474b636d-dd7a-4b7f-ba27-643803c71aa3)

So I changed how we render the alert block by having the alert itself
have a dedicated paragraph, so line breaks happen naturally between
paragraphs.

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/474b636d-dd7a-4b7f-ba27-643803c71aa3)

![image](https://github.com/go-gitea/gitea/assets/20454870/167a8d37-9a44-4479-9340-5dc80347b595)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/2f99fec0-98ff-4ba8-97fe-b4567041ae79)

![image](https://github.com/go-gitea/gitea/assets/20454870/ffdeae11-fb06-4d00-b497-eae135f0d7ad)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-03-08 09:30:41 +00:00
yp05327 9dc8a6336e
Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize (#29653)
Fix #29506
2024-03-08 08:44:50 +00:00
wxiaoguang e71eb8930a
Refactor some Str2html code (#29397)
This PR touches the most interesting part of the "template refactoring".

1. Unclear variable type. Especially for "web/feed/convert.go":
sometimes it uses text, sometimes it uses HTML.
2. Assign text content to "RenderedContent" field, for example: `
project.RenderedContent = project.Description` in web/org/projects.go
3. Assign rendered content to text field, for example: `r.Note =
rendered content` in web/repo/release.go
4. (possible) Incorrectly calling `{{Str2html
.PackageDescriptor.Metadata.ReleaseNotes}}` in
package/content/nuget.tmpl, I guess the name Str2html misleads
developers to use it to "render string to html", but it only sanitizes.
if ReleaseNotes really contains HTML, then this is not a problem.
2024-03-01 07:11:51 +00:00
KN4CK3R a6fd0176de
Fix wrong test usage of `AppSubURL` (#29459)
The tests use an invalid `setting.AppSubURL`. The wrong behaviour
disturbs other PRs like #29222 and #29427.
2024-02-29 03:39:24 +00:00
wxiaoguang 6130522aa8
Refactor markup rendering to accept general "protocol:" prefix (#29276)
Follow #29024

Major changes:

* refactor validLinksPattern to fullURLPattern and add comments, now it
accepts "protocol:" prefix
* rename `IsLink*` to `IsFullURL*`, and remove unnecessray "mailto:"
check
* fix some comments (by the way)
* rename EmojiShortCodeRegex -> emojiShortCodeRegex (by the way)
2024-02-21 10:08:08 +00:00
wxiaoguang f3eb835886
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.
2024-02-14 21:48:45 +00:00
Yarden Shoham 12865ae9c6
Add alert blocks in markdown (#29121)
- Follows https://github.com/go-gitea/gitea/pull/21711
- Closes https://github.com/go-gitea/gitea/issues/28316

Implement GitHub's alert blocks markdown feature

Docs:
-
https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
- https://github.com/orgs/community/discussions/16925

### Before

![image](https://github.com/go-gitea/gitea/assets/20454870/14f7b02a-5de5-4fd0-8437-a055dadb31f2)

### After

![image](https://github.com/go-gitea/gitea/assets/20454870/ed06a869-e545-42f1-bf25-4ba20b1be196)

## ⚠️ BREAKING ⚠️

The old syntax no longer works

How to migrate:

If you used
```md
> **Note** My note
```

Switch to
```md
> [!NOTE]
> My note
```

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-10 18:43:09 +00:00
wxiaoguang 2bac85dc33
Fix orgmode link resolving (#29024)
Fix #28974

Add some new tests and fix some legacy unclear tests.
2024-02-07 08:32:31 +00:00
silverwind a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
KN4CK3R 01acd1eea3
Strip `/` from relative links (#28932)
Fixes #28915

Restores the old behaviour:

https://github.com/go-gitea/gitea/pull/26745/files#diff-d78a9d361b1fddc12218e4dd42f42d39d6be1fda184041e06bb6fb30f0d94c59L96
2024-01-27 11:36:01 +08:00
KN4CK3R c46316f7ae
Respect branch info for relative links (#28909)
Fix #28904

Co-authored-by: Giteabot <teabot@gitea.io>
2024-01-25 09:54:44 +01:00
Adam Majer d68a613ba8
Add support for sha256 repositories (#23894)
Currently only SHA1 repositories are supported by Gitea. This adds
support for alternate SHA256 with the additional aim of easier support
for additional hash types in the future.

Fixes: #13794
Limited by: https://github.com/go-git/go-git/issues/899
Depend on: #28138

<img width="776" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/5448c9a7-608e-4341-a149-5dd0069c9447">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 17:05:02 +01:00
KN4CK3R 637451a45e
Rework markup link rendering (#26745)
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary> 

https://try.gitea.io/KN4CK3R

![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 08:49:24 +00:00
Brecht Van Lommel 12c0487e01
Make cross-reference issue links work in markdown documents again (#28682)
In #26365 issue references were disabled entirely for documents,
intending to match GitHub behavior. However cross-references do appear
to work in documents on GitHub.

This is useful for example to write release notes in a markdown document
and reference issues. While the simpler syntax may create links when not
intended, hopefully the cross-reference syntax is unique enough to avoid
it.
2024-01-03 14:01:12 +08:00
wxiaoguang e4a24d6727
Fix the issue ref rendering for wiki (#28556)
Fix #28526, regression of 
* #26365

(although the author of #26365 has recent activities, but there is no
response for the regression, so I proposed this quick fix and keep the
fix simple to make it easier to backport to 1.21)
2023-12-20 14:11:59 +00:00
wxiaoguang 20929edc99
Add option to disable ambiguous unicode characters detection (#28454)
* Close #24483
* Close #28123
* Close #23682
* Close #23149

(maybe more)
2023-12-17 14:38:54 +00:00
Earl Warren 1075ff74b5
Use restricted sanitizer for repository description (#28141)
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit 631c87cc2347f0036a75dcd21e24429bbca28207)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-23 16:34:25 +00:00
Yarden Shoham 1c0566f66d
Render email addresses as such if followed by punctuation (#27987)
Added the following characters to the regular expression for the email:

- ,
- ;
- ?
- !

Also added a test case.

- Fixes #27616 

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/c57eac26-f281-43ef-a51d-9c9a81b63efa)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/fc7d5c08-4350-4af0-a7f0-d1444d2d75af)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-11-11 05:08:19 +01:00
KN4CK3R 481e738e7f
Remove `title` from elements on Org mode (#27968)
The Org mode rendering has some problems:
1.  `[[https://example.com][pre https://example.com/example.mp4 post]]`
 renders as
`<p><a href="https://example.com" title="pre <video
src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post">pre <video src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post</a></p>`
As you can see, the `title` attribute contains the inner html in
unescaped form. I removed the `title` attribute because it is of little
value.
3. The `title` attribute on `img` and `video` is of little value.
4. The inner elements of `video` are different depending on the `if`.
2023-11-10 01:45:13 +00:00