mirror of
https://github.com/showdownjs/showdown.git
synced 2024-03-22 13:30:55 +08:00
fix(html-comments): changed regex to precent malformed long comment to freeze showdown
Closes #439
This commit is contained in:
parent
0627e497e3
commit
3efcd101a2
BIN
dist/showdown.js
vendored
BIN
dist/showdown.js
vendored
Binary file not shown.
BIN
dist/showdown.js.map
vendored
BIN
dist/showdown.js.map
vendored
Binary file not shown.
BIN
dist/showdown.min.js
vendored
BIN
dist/showdown.min.js
vendored
Binary file not shown.
BIN
dist/showdown.min.js.map
vendored
BIN
dist/showdown.min.js.map
vendored
Binary file not shown.
|
@ -6,9 +6,10 @@ showdown.subParser('escapeSpecialCharsWithinTagAttributes', function (text, opti
|
|||
'use strict';
|
||||
text = globals.converter._dispatch('escapeSpecialCharsWithinTagAttributes.before', text, options, globals);
|
||||
|
||||
// Build a regex to find HTML tags and comments. See Friedl's
|
||||
// "Mastering Regular Expressions", 2nd Ed., pp. 200-201.
|
||||
var regex = /(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>|<!(--.*?--\s*)+>)/gi;
|
||||
// Build a regex to find HTML tags.
|
||||
var regex = /(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>)/gi,
|
||||
// due to catastrophic backtrace we split the old regex into two, one for tags and one for comments
|
||||
regexComments = /<!(--(?:|(?:[^>-]|-[^>])(?:[^-]|-[^-])*)--)>/gi;
|
||||
|
||||
text = text.replace(regex, function (wholeMatch) {
|
||||
return wholeMatch
|
||||
|
@ -16,6 +17,11 @@ showdown.subParser('escapeSpecialCharsWithinTagAttributes', function (text, opti
|
|||
.replace(/([\\`*_~=|])/g, showdown.helper.escapeCharactersCallback);
|
||||
});
|
||||
|
||||
text = text.replace(regexComments, function (wholeMatch) {
|
||||
return wholeMatch
|
||||
.replace(/([\\`*_~=|])/g, showdown.helper.escapeCharactersCallback);
|
||||
});
|
||||
|
||||
text = globals.converter._dispatch('escapeSpecialCharsWithinTagAttributes.after', text, options, globals);
|
||||
return text;
|
||||
});
|
||||
|
|
|
@ -6,3 +6,5 @@
|
|||
<!-- comment -->
|
||||
<pre><code><!-- comment -->
|
||||
</code></pre>
|
||||
<p><!----------------------------------------------------------------------------------------------------------------------------------------------------</p>
|
||||
<!-------------------------------------------------------------------->
|
||||
|
|
|
@ -9,3 +9,7 @@ words <!-- a comment --> words
|
|||
<!-- comment -->
|
||||
|
||||
<!-- comment -->
|
||||
|
||||
<!----------------------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
<!-------------------------------------------------------------------->
|
||||
|
|
Loading…
Reference in New Issue
Block a user