diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-25 12:12:58 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-25 12:12:58 +0300 |
| commit | dbd50b6e203994cdb393494faa8fc1b2fb406487 (patch) | |
| tree | 0627b8469d5ccbd5a5b306b2bf8b6de0bc4aecb9 /app/assets/javascripts/notebook | |
| parent | 8a1c3b6e1ad7d80b5e8a5ddab26cffd9b8b06c66 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/assets/javascripts/notebook')
| -rw-r--r-- | app/assets/javascripts/notebook/cells/markdown.vue | 73 |
1 files changed, 69 insertions, 4 deletions
diff --git a/app/assets/javascripts/notebook/cells/markdown.vue b/app/assets/javascripts/notebook/cells/markdown.vue index 9e4a92426ee..753aa96bb55 100644 --- a/app/assets/javascripts/notebook/cells/markdown.vue +++ b/app/assets/javascripts/notebook/cells/markdown.vue @@ -1,7 +1,7 @@ <script> -/* global katex */ import marked from 'marked'; import sanitize from 'sanitize-html'; +import katex from 'katex'; import Prompt from './prompt.vue'; const renderer = new marked.Renderer(); @@ -70,7 +70,6 @@ renderer.paragraph = t => { }; marked.setOptions({ - sanitize: true, renderer, }); @@ -87,9 +86,66 @@ export default { computed: { markdown() { return sanitize(marked(this.cell.source.join('').replace(/\\/g, '\\\\')), { - allowedTags: false, + // allowedTags from GitLab's inline HTML guidelines + // https://docs.gitlab.com/ee/user/markdown.html#inline-html + allowedTags: [ + 'h1', + 'h2', + 'h3', + 'h4', + 'h5', + 'h6', + 'h7', + 'h8', + 'br', + 'b', + 'i', + 'strong', + 'em', + 'a', + 'pre', + 'code', + 'img', + 'tt', + 'div', + 'ins', + 'del', + 'sup', + 'sub', + 'p', + 'ol', + 'ul', + 'table', + 'thead', + 'tbody', + 'tfoot', + 'blockquote', + 'dl', + 'dt', + 'dd', + 'kbd', + 'q', + 'samp', + 'var', + 'hr', + 'ruby', + 'rt', + 'rp', + 'li', + 'tr', + 'td', + 'th', + 's', + 'strike', + 'span', + 'abbr', + 'abbr', + 'summary', + ], allowedAttributes: { - '*': ['class'], + '*': ['class', 'style'], + a: ['href'], + img: ['src'], }, }); }, @@ -105,6 +161,15 @@ export default { </template> <style> +/* + Importing the necessary katex stylesheet from the node_module folder rather + than copying the stylesheet into `app/assets/stylesheets/vendors` for + automatic importing via `app/assets/stylesheets/application.scss`. The reason + is that the katex stylesheet depends on many fonts that are in node_module + subfolders - moving all these fonts would make updating katex difficult. + */ +@import '~katex/dist/katex.min.css'; + .markdown .katex { display: block; text-align: center; |