contentdb/app/markdown.py

from functools import partial

import bleach
from bleach import Cleaner
from bleach.linkifier import LinkifyFilter
from markdown import Markdown
from flask import Markup

# Based on
# https://github.com/Wenzil/mdx_bleach/blob/master/mdx_bleach/whitelist.py
#
# License: MIT

ALLOWED_TAGS = [
	"h1", "h2", "h3", "h4", "h5", "h6", "hr",
	"ul", "ol", "li",
	"p",
	"br",
	"pre",
	"code",
	"blockquote",
	"strong",
	"em",
	"a",
	"img",
	"table", "thead", "tbody", "tr", "th", "td",
	"div", "span",
]

ALLOWED_CSS = [
	"highlight", "codehilite",
	"hll", "c", "err", "g", "k", "l", "n", "o", "x", "p", "ch", "cm", "cp", "cpf", "c1", "cs",
	"gd", "ge", "gr", "gh", "gi", "go", "gp", "gs", "gu", "gt", "kc", "kd", "kn", "kp", "kr",
	"kt", "ld", "m", "s", "na", "nb", "nc", "no", "nd", "ni", "ne", "nf", "nl", "nn", "nx",
	"py", "nt", "nv", "ow", "w", "mb", "mf", "mh", "mi", "mo", "sa", "sb", "sc", "dl", "sd",
	"s2", "se", "sh", "si", "sx", "sr", "s1", "ss", "bp", "fm", "vc", "vg", "vi", "vm", "il",
]

def allow_class(_tag, name, value):
	return name == "class" and value in ALLOWED_CSS

ALLOWED_ATTRIBUTES = {
	"a": ["href", "title"],
	"img": ["src", "title", "alt"],
	"code": allow_class,
	"div": allow_class,
	"span": allow_class,
}

ALLOWED_PROTOCOLS = ["http", "https", "mailto"]

md = None

def render_markdown(source):
	html = md.convert(source)

	cleaner = Cleaner(
			tags=ALLOWED_TAGS,
			attributes=ALLOWED_ATTRIBUTES,
			protocols=ALLOWED_PROTOCOLS,
			filters=[partial(LinkifyFilter, callbacks=bleach.linkifier.DEFAULT_CALLBACKS)])
	return cleaner.clean(html)

def init_app(app):
	global md

	md = Markdown(extensions=app.config["FLATPAGES_MARKDOWN_EXTENSIONS"], output_format="html5")

	@app.template_filter()
	def markdown(source):
		return Markup(render_markdown(source))
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`from functools import partial`

Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`import bleach`
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`from bleach import Cleaner`
			`from bleach.linkifier import LinkifyFilter`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`from markdown import Markdown`
			`from flask import Markup`

Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`# Based on`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`# https://github.com/Wenzil/mdx_bleach/blob/master/mdx_bleach/whitelist.py`
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`#`
			`# License: MIT`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00
			`ALLOWED_TAGS = [`
Update API docs, add support for code highlighting, add markdown table support 2021-02-02 18:09:19 +01:00			`"h1", "h2", "h3", "h4", "h5", "h6", "hr",`
			`"ul", "ol", "li",`
			`"p",`
			`"br",`
			`"pre",`
			`"code",`
			`"blockquote",`
			`"strong",`
			`"em",`
			`"a",`
			`"img",`
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`"table", "thead", "tbody", "tr", "th", "td",`
			`"div", "span",`
			`]`

			`ALLOWED_CSS = [`
			`"highlight", "codehilite",`
			`"hll", "c", "err", "g", "k", "l", "n", "o", "x", "p", "ch", "cm", "cp", "cpf", "c1", "cs",`
			`"gd", "ge", "gr", "gh", "gi", "go", "gp", "gs", "gu", "gt", "kc", "kd", "kn", "kp", "kr",`
			`"kt", "ld", "m", "s", "na", "nb", "nc", "no", "nd", "ni", "ne", "nf", "nl", "nn", "nx",`
			`"py", "nt", "nv", "ow", "w", "mb", "mf", "mh", "mi", "mo", "sa", "sb", "sc", "dl", "sd",`
			`"s2", "se", "sh", "si", "sx", "sr", "s1", "ss", "bp", "fm", "vc", "vg", "vi", "vm", "il",`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`]`

Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`def allow_class(_tag, name, value):`
			`return name == "class" and value in ALLOWED_CSS`

Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`ALLOWED_ATTRIBUTES = {`
Update API docs, add support for code highlighting, add markdown table support 2021-02-02 18:09:19 +01:00			`"a": ["href", "title"],`
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`"img": ["src", "title", "alt"],`
			`"code": allow_class,`
			`"div": allow_class,`
			`"span": allow_class,`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`}`

Update API docs, add support for code highlighting, add markdown table support 2021-02-02 18:09:19 +01:00			`ALLOWED_PROTOCOLS = ["http", "https", "mailto"]`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00
Update API docs, add support for code highlighting, add markdown table support 2021-02-02 18:09:19 +01:00			`md = None`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00
			`def render_markdown(source):`
Allow codehighlighting in markdown, enable linkify 2021-02-02 19:16:55 +01:00			`html = md.convert(source)`

			`cleaner = Cleaner(`
			`tags=ALLOWED_TAGS,`
			`attributes=ALLOWED_ATTRIBUTES,`
			`protocols=ALLOWED_PROTOCOLS,`
			`filters=[partial(LinkifyFilter, callbacks=bleach.linkifier.DEFAULT_CALLBACKS)])`
			`return cleaner.clean(html)`
Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00
			`def init_app(app):`
Update API docs, add support for code highlighting, add markdown table support 2021-02-02 18:09:19 +01:00			`global md`

			`md = Markdown(extensions=app.config["FLATPAGES_MARKDOWN_EXTENSIONS"], output_format="html5")`

Improve markdown escaping Fixes #118 2020-01-22 23:10:02 +01:00			`@app.template_filter()`
			`def markdown(source):`
			`return Markup(render_markdown(source))`