Closed abarsov closed 4 years ago
It seems, I got wrong with whitelisting link endings because it should rather be blacklisting some common punctuation characters which can be used alongside the links.
Regarding parentheses, github's parser only includes the closing link(s) in the end if they are forming pairs with some unclosed opened parentheses in the same link. I suppose I should support the same behaviour.
Some examples:
((https://www.owasp.org/index.php/Cross-site_Scripting_((XS)S)))) https://www.owasp.org/index.php/Cross-site_Scripting_XSS)))) https://www.owasp.org/index.php/Cross-site_Scripting_(XSS]( https://www.owasp.org/index.php/Cross-site_Scripting_(XSS]: [https://www.owasp.org/index.php/Cross-site_Scripting_(XSS]] https://www.owasp.org/index.php/Cross-site_Scripting_(XSS][ðŸ“
Fixed in master, `
and ]
are still disallowed at the end of the links because of architectural difficulties. Hope these are not used too much.
Example input: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) Result: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS is a link, the last ) is a plain text.