| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
An upcoming update to rubocop-gitlab-security added additional
violations.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
(security-9-1) Render asciidoc & other markup using banzai in a pipeline
See merge request !2098
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Example: for issues that are closed, the links will now show '[closed]'
following the issue number. This is done as post-process after the markdown has
been loaded from the cache as the status of the issue may change between
the cache being populated and the content being displayed.
In order to avoid N+1 queries problem when rendering notes ObjectRenderer
populates the cache of referenced issuables for all notes at once,
before the post processing phase.
As a part of this change, the Banzai BaseParser#grouped_objects_for_nodes
method has been refactored to return a Hash utilising the node itself as the
key, since this was a common pattern of usage for this method.
|
| |
|
|
|
|
| |
Remove class from SanitizationFilter whitelist
See merge request !2079
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow rendering of PlantUML diagrams in Markdown documents using fenced blocks:
```plantuml
Bob -> Sara : Hello
Sara -> Bob : Go away
```
Closes: #4048
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit alters views for the following models to use the markdown cache if
present:
* AbuseReport
* Appearance
* ApplicationSetting
* BroadcastMessage
* Group
* Issue
* Label
* MergeRequest
* Milestone
* Project
At the same time, calls to `escape_once` have been moved into the `single_line`
Banzai pipeline, so they can't be missed out by accident and the work is done
at save, rather than render, time.
|
| |
|
|
|
|
|
|
| |
Also, always add a link to download videos since video playback is
tricky. Also, it solves the issue with email client not supporting
videos.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
|
| |
* Registered video MIME types
* Currently supporting browser-supported formats with extensions that match the mime type
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the way certain documents are rendered (currently
only Notes) and how documents are redacted. Previously both rendering
and redacting would run on a per document basis. The result of this was
that for every document we'd have to run countless queries just to
figure out if we could display a set of links or not.
This commit changes things around so that redacting Markdown documents
is no longer tied into the html-pipeline Gem. This in turn allows it to
redact multiple documents in a single pass, thus reducing the number of
queries needed.
In turn rendering issue/merge request notes has been adjusted to take
advantage of this new setup. Instead of rendering Markdown somewhere
deep down in a view the Markdown is rendered and redacted in the
controller (taking the current user and all that into account). This has
been done in such a way that the "markdown()" helper method can still be
used on its own.
This particular commit also paves the way for caching rendered HTML on
object level. Right now there's an accessor method Note#note_html which
is used for setting/getting the rendered HTML. Once we cache HTML on row
level we can simply change this field to be a column and call a "save"
whenever needed and we're pretty much done.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Consider this command:
bundle exec rails r "include GitlabMarkdownHelper
puts markdown('<span>this is a span</span>', pipeline: :description)
puts markdown('<span>this is a span</span>')"
And the same in the opposite order:
bundle exec rails r "include GitlabMarkdownHelper
puts markdown('<span>this is a span</span>')
puts markdown('<span>this is a span</span>', pipeline: :description)"
Before this change, they would both output:
<p><span>this is a span</span></p>
<p>this is a span</p>
That's because `span` is added to the list of whitelisted elements in
the `SanitizationFilter`, but this method tries not to make the same
changes multiple times. Unfortunately,
`HTML::Pipeline::SanitizationFilter::LIMITED`, which is used by the
`DescriptionPipeline`, uses the same Ruby objects for all of its hash
values _except_ `:elements`.
That means that whichever of `DescriptionPipeline` and `GfmPipeline` is
called first would have `span` in its whitelisted elements, and the
second wouldn't.
Fix this by creating an entirely separate hash, before either pipeline
is invoked.
|
| |
|
|
|
|
|
|
|
|
| |
This splits the Markdown rendering and reference extraction phases into
two distinct code bases. The reference extraction phase no longer relies
on the html-pipeline Gem (and any related code) and allows for
extracting of references from multiple HTML nodes in a single pass. This
means that if you want to extract user references from 200 comments you
no longer need to run 200 times N number of queries, instead only a
handful of queries may be needed.
|
| |
|
|
| |
Gitlab::Diff::InlineDiff
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Wiki preview URL converting problem [via Markdown]
Current implementation when rendering the preview, thinks relative links are for project repository files.
We are creating a new preview route that will define correct context data to render for wikis instead.
Fixes #2380, #1184
See merge request !3461
|
| | | |
|
| | | |
|
| | | |
|
| |/
|
|
|
|
|
|
| |
ImageLinkFilter.
Resolves #14411.
See merge request !3464
|
| |
|
|
| |
We're trying to avoid circular dependency errors.
|
| |
|
|
|
| |
This filter will detect YAML Front Matter and convert it to an HTML
table for prettier formatting.
|
| | |
|
| | |
|
| |
|
|
| |
Closes #2494
|
| |
|
|
|
|
|
|
| |
- Apply the RelativeLinkFilter filter to other formats, e.g.,
reStructuredText so links from the Files view or the Project view work
- Remove the AsciidocPipeline pipeline
Fixes #3533.
|
| |
|
|
| |
Closes #11853
|
| |
|
|
|
| |
This allows for future pipelines to more easily define a custom
whitelist.
|
| |\
| |
| |
| |
| |
| |
| | |
Backport two commits from EE
Backport part of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/110
See merge request !2424
|
| | | |
|
| | | |
|
| |/ |
|
| |\
| |
| |
| |
| |
| |
| | |
Link to milestone in "Milestone changed" system note
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/4141
See merge request !2203
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Removes the following filters from its parent GfmPipeline:
- SyntaxHighlightFilter
- UploadLinkFilter
- TableOfContentsFilter
- LabelReferenceFilter
- TaskListFilter
Closes #1697
|
| |
|
