diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/compiler.rs | 8 | ||||
-rw-r--r-- | src/constant.rs | 12 |
2 files changed, 14 insertions, 6 deletions
diff --git a/src/compiler.rs b/src/compiler.rs index 9bc2488..4359942 100644 --- a/src/compiler.rs +++ b/src/compiler.rs @@ -1,4 +1,5 @@ //! Turn events into a string of HTML. +use crate::constant::SAFE_PROTOCOL_HREF; use crate::construct::character_reference::Kind as CharacterReferenceKind; use crate::tokenizer::{Code, Event, EventType, TokenType}; use crate::util::{ @@ -125,14 +126,9 @@ pub fn compile(events: &[Event], codes: &[Code], options: &Options) -> String { let protocol_href = if options.allow_dangerous_protocol { None } else { - Some(vec!["http", "https", "irc", "ircs", "mailto", "xmpp"]) + Some(SAFE_PROTOCOL_HREF.to_vec()) }; let mut line_ending_inferred: Option<LineEnding> = None; - // let protocol_src = if options.allow_dangerous_protocol { - // None - // } else { - // Some(vec!["http", "https"]) - // }; // let mut slurp_all_line_endings = false; while index < events.len() { diff --git a/src/constant.rs b/src/constant.rs index 9c861be..6ba1638 100644 --- a/src/constant.rs +++ b/src/constant.rs @@ -193,6 +193,18 @@ pub const HTML_RAW_SIZE_MAX: usize = 8; /// To safeguard performance, labels are capped at a large number: `999`. pub const LINK_REFERENCE_SIZE_MAX: usize = 999; +/// List of protocols allowed, when operating safely, as `href` on `a`. +/// +/// This list is based on what is allowed by GitHub. +pub const SAFE_PROTOCOL_HREF: [&str; 6] = ["http", "https", "irc", "ircs", "mailto", "xmpp"]; + +/// List of protocols allowed, when operating safely, as `src` on `img`. +/// +/// This list is based on what is allowed by GitHub. +// To do: image. +#[allow(dead_code)] +pub const SAFE_PROTOCOL_SRC: [&str; 2] = ["http", "https"]; + /// The number of characters that form a tab stop. /// /// This relates to the number of whitespace characters needed to form certain |