aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/compiler.rs8
-rw-r--r--src/constant.rs12
2 files changed, 14 insertions, 6 deletions
diff --git a/src/compiler.rs b/src/compiler.rs
index 9bc2488..4359942 100644
--- a/src/compiler.rs
+++ b/src/compiler.rs
@@ -1,4 +1,5 @@
//! Turn events into a string of HTML.
+use crate::constant::SAFE_PROTOCOL_HREF;
use crate::construct::character_reference::Kind as CharacterReferenceKind;
use crate::tokenizer::{Code, Event, EventType, TokenType};
use crate::util::{
@@ -125,14 +126,9 @@ pub fn compile(events: &[Event], codes: &[Code], options: &Options) -> String {
let protocol_href = if options.allow_dangerous_protocol {
None
} else {
- Some(vec!["http", "https", "irc", "ircs", "mailto", "xmpp"])
+ Some(SAFE_PROTOCOL_HREF.to_vec())
};
let mut line_ending_inferred: Option<LineEnding> = None;
- // let protocol_src = if options.allow_dangerous_protocol {
- // None
- // } else {
- // Some(vec!["http", "https"])
- // };
// let mut slurp_all_line_endings = false;
while index < events.len() {
diff --git a/src/constant.rs b/src/constant.rs
index 9c861be..6ba1638 100644
--- a/src/constant.rs
+++ b/src/constant.rs
@@ -193,6 +193,18 @@ pub const HTML_RAW_SIZE_MAX: usize = 8;
/// To safeguard performance, labels are capped at a large number: `999`.
pub const LINK_REFERENCE_SIZE_MAX: usize = 999;
+/// List of protocols allowed, when operating safely, as `href` on `a`.
+///
+/// This list is based on what is allowed by GitHub.
+pub const SAFE_PROTOCOL_HREF: [&str; 6] = ["http", "https", "irc", "ircs", "mailto", "xmpp"];
+
+/// List of protocols allowed, when operating safely, as `src` on `img`.
+///
+/// This list is based on what is allowed by GitHub.
+// To do: image.
+#[allow(dead_code)]
+pub const SAFE_PROTOCOL_SRC: [&str; 2] = ["http", "https"];
+
/// The number of characters that form a tab stop.
///
/// This relates to the number of whitespace characters needed to form certain