search

trentm / python-markdown2

markdown2: A fast and complete implementation of Markdown in Python
Other
2.64k stars 431 forks source link

Allow more relative links in safe mode (issue #517) #520

Closed Crozzers closed 1 year ago

Crozzers commented 1 year ago

This PR fixes #517 by expanding the scope of the _safe_href regex to include more types of relative links.

Previously, #513 was merged which allowed the following kinds of relative links:

[issue1](./issue1)
[issue1](/issue1)

But did not allow this: [link](issue1)

The new regex should allow URLs to omit the protocol section of the URL or use relative paths instead of a protocol (eg: ./, ../, /) followed by a hostname, optional port number and then the rest of the URL.

I've also expanded the number of accepted protocols to include mailto: and tel:.

Also, the _safe_protocols attribute has been re-introduced to allow users to extend the number of allowed protocols when operating in safe mode (see this comment).

nicholasserra commented 1 year ago

@Crozzers wanted to check with you on this before I merge and release. Do you think this PR is done and ready to go?

rouilj commented 1 year ago

In message @.***>, Nicholas Serra writes:

@Crozzers wanted to check with you on this before I merge and release. Do you think this PR is done and ready to go?

I would say yes, it's good to go. It fixes my initial use case.

-- -- rouilj John Rouillard

My employers don't acknowledge my existence much less my opinions.

Crozzers commented 1 year ago

Yep, good to go