aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib.rs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib.rs47
1 files changed, 47 insertions, 0 deletions
diff --git a/src/lib.rs b/src/lib.rs
index 0cf4f49..e3fdfcb 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -732,6 +732,52 @@ pub struct Options {
/// ```
pub gfm_strikethrough_single_tilde: bool,
+ /// Whether to support the GFM tagfilter, when `allow_dangerous_html` is on
+ /// (default: `false`).
+ ///
+ /// The tagfilter is kinda weird and kinda useless.
+ /// The tag filter is a naïve attempt at XSS protection.
+ /// You should use a proper HTML sanitizing algorithm.
+ ///
+ /// ## Examples
+ ///
+ /// ```
+ /// use micromark::{micromark_with_options, Options, Constructs};
+ ///
+ /// // With `allow_dangerous_html`, micromark passes HTML through untouched:
+ /// assert_eq!(
+ /// micromark_with_options(
+ /// "<iframe>",
+ /// &Options {
+ /// allow_dangerous_html: true,
+ /// constructs: Constructs::gfm(),
+ /// ..Options::default()
+ /// }
+ /// ),
+ /// "<iframe>"
+ /// );
+ ///
+ /// // Pass `gfm_tagfilter: true` to make some of that safe:
+ /// assert_eq!(
+ /// micromark_with_options(
+ /// "<iframe>",
+ /// &Options {
+ /// allow_dangerous_html: true,
+ /// constructs: Constructs::gfm(),
+ /// gfm_tagfilter: true,
+ /// ..Options::default()
+ /// }
+ /// ),
+ /// "&lt;iframe>"
+ /// );
+ /// ```
+ ///
+ /// ## References
+ ///
+ /// * [*§ 6.1 Disallowed Raw HTML (extension)* in GFM](https://github.github.com/gfm/#disallowed-raw-html-extension-)
+ /// * [`cmark-gfm#extensions/tagfilter.c`](https://github.com/github/cmark-gfm/blob/master/extensions/tagfilter.c)
+ pub gfm_tagfilter: bool,
+
/// Whether to support math (text) (if enabled in `constructs`) with a
/// single dollar (default: `true`).
///
@@ -791,6 +837,7 @@ impl Default for Options {
gfm_footnote_back_label: None,
gfm_footnote_clobber_prefix: None,
gfm_strikethrough_single_tilde: true,
+ gfm_tagfilter: false,
math_text_single_dollar: true,
}
}