summaryrefslogtreecommitdiff
path: root/spec/fixtures/markdown.md.erb
blob: bc023ecf7937a216310afd70d14be38f3ebcea4f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# GitLab Markdown

This document is intended to be a comprehensive example of custom GitLab
Markdown usage. It will be parsed and then tested for accuracy. Let's get
started.

## Markdown

GitLab uses [Redcarpet](http://git.io/ld_NVQ) to parse all Markdown into
HTML.

It has some special features. Let's try 'em out!

### No Intra Emphasis

This string should have no emphasis: foo_bar_baz

### Tables

| Header   | Row  | Example |
| :------: | ---: | :------ |
| Foo      | Bar  | **Baz** |

### Fenced Code Blocks

```c
#include<stdio.h>

main()
{
    printf("Hello World");

}
```

```python
print "Hello, World!"
```

### Strikethrough

This text says this, ~~and this text doesn't~~.

### Superscript

This is my 1^(st) time using superscript in Markdown. Now this is my
2^(nd).

### Next step

After the Markdown has been turned into HTML, it gets passed through...

## HTML::Pipeline

### SanitizationFilter

GitLab uses <a href="http://git.io/vfW8a" class="sanitize" id="sanitize-link">HTML::Pipeline::SanitizationFilter</a>
to sanitize the generated HTML, stripping dangerous or unwanted tags.

Its default whitelist is pretty permissive. Check it:

<b id="manual-b">This text is bold</b> and <em id="manual-em">this text is emphasized</em>.

<code id="manual-code">echo "Hello, world!"</code>

Press <kbd>s</kbd> to search.

<strike>Emoji</strike> Plain old images! <img
src="http://www.emoji-cheat-sheet.com/graphics/emojis/smile.png" width="20"
height="20" id="manual-img" />

Here comes a line break:

<br id="manual-br" />

And a horizontal rule:

<hr id="manual-hr" />

As permissive as it is, we've allowed even more stuff:

<span class="light" id="span-class-light">Span elements</span>

<a href="#" rel="nofollow" id="a-rel-nofollow">This is a link with a defined rel attribute, which should be removed</a>

<a href="javascript:alert('Hi')" id="a-href-javascript">This is a link trying to be sneaky. It gets its link removed entirely.</a>

### Escaping

The problem with SanitizationFilter is that it can be too aggressive.

| Input       | Expected         | Actual    |
| ----------- | ---------------- | --------- |
| `1 < 3 & 5` | 1 &lt; 3 &amp; 5 | 1 < 3 & 5 |
| `<foo>`     | &lt;foo&gt;      | <foo>     |

### Edge Cases

Markdown should be usable inside a link. Let's try!

- [_text_](#link-emphasis)
- [**text**](#link-strong)
- [`text`](#link-code)

### EmojiFilter

Because life would be :zzz: without Emoji, right? :rocket:

Get ready for the Emoji :bomb:: :+1::-1::ok_hand::wave::v::raised_hand::muscle:

### TableOfContentsFilter

All headers in this document should be linkable. Try it.

### AutolinkFilter

These are all plain text that should get turned into links:

- http://about.gitlab.com/
- https://google.com/
- ftp://ftp.us.debian.org/debian/
- smb://foo/bar/baz
- irc://irc.freenode.net/git
- http://localhost:3000

But it shouldn't autolink text inside certain tags:

- <code id="autolink-code">http://about.gitlab.com/</code>
- <a id="autolink-a">http://about.gitlab.com/</a>
- <kbd id="autolink-kbd">http://about.gitlab.com/</kbd>

### Reference Filters (e.g., #<%= issue.iid %>)

References should be parseable even inside _!<%= merge_request.iid %>_ emphasis.

#### UserReferenceFilter

- All: @all
- User: @<%= user.username %>
- Group: @<%= group.name %>
- Ignores invalid: @fake_user
- Ignored in code: `@<%= user.username %>`
- Ignored in links: [Link to @<%= user.username %>](#user-link)

#### IssueReferenceFilter

- Issue: #<%= issue.iid %>
- Issue in another project: <%= xref %>#<%= xissue.iid %>
- Ignored in code: `#<%= issue.iid %>`
- Ignored in links: [Link to #<%= issue.iid %>](#issue-link)

#### MergeRequestReferenceFilter

- Merge request: !<%= merge_request.iid %>
- Merge request in another project: <%= xref %>!<%= xmerge_request.iid %>
- Ignored in code: `!<%= merge_request.iid %>`
- Ignored in links: [Link to !<%= merge_request.iid %>](#merge-request-link)

#### SnippetReferenceFilter

- Snippet: $<%= snippet.id %>
- Snippet in another project: <%= xref %>$<%= xsnippet.id %>
- Ignored in code: `$<%= snippet.id %>`
- Ignored in links: [Link to $<%= snippet.id %>](#snippet-link)

#### CommitRangeReferenceFilter

- Range: <%= commit_range %>
- Range in another project: <%= xref %>@<%= xcommit_range %>
- Ignored in code: `<%= commit_range %>`
- Ignored in links: [Link to <%= commit_range %>](#commit-range-link)

#### CommitReferenceFilter

- Commit: <%= commit.id %>
- Commit in another project: <%= xref %>@<%= xcommit.id %>
- Ignored in code: `<%= commit.id %>`
- Ignored in links: [Link to <%= commit.id %>](#commit-link)

#### LabelReferenceFilter

- Label by ID: ~<%= simple_label.id %>
- Label by name: ~<%= simple_label.name %>
- Label by name in quotes: ~"<%= label.name %>"
- Ignored in code: `~<%= simple_label.name %>`
- Ignored in links: [Link to ~<%= simple_label.id %>](#label-link)

### Task Lists

- [ ] Incomplete task 1
- [x] Complete task 1
- [ ] Incomplete task 2
  - [ ] Incomplete sub-task 1
  - [ ] Incomplete sub-task 2
  - [x] Complete sub-task 1
- [X] Complete task 2