fix: Ignore emoji shorthand codes in URIs #1847
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
This pull request is automatically built and testable in CodeSandbox. To see build info of the built libraries, click here or the icon next to each commit SHA. Latest deployment of this branch, based on commit 62069de:
|
jhildenbiddle
requested changes
Jul 30, 2022
There was a problem hiding this comment.
Thanks for submitting the PR, @socsieng.
There is a much easier fix: simply add a to the existing list of tags that are being marked:
docsify/src/core/render/emojify.js
Lines 31 to 35 in 682bf96
Change this line:
docsify/src/core/render/emojify.js
Line 33 in 682bf96
To this:
/<(a|code|pre|script|template)[^>]*?>[\s\S]+?<\/(a|code|pre|script|template)>/g,This fix also addresses an issue with the regex you were using in your initial PR.
|
Wouldn't marking the |
socsieng
commented
Jul 30, 2022
jhildenbiddle
requested changes
Aug 2, 2022
Examples: - Without explicit scheme (i.e. starting with `//`) - In single and double quote strings - Within unquoted HTML tag attributes - In css `url()` values
jhildenbiddle
approved these changes
Aug 3, 2022
|
Any ideas about when these changes will be available in npm? |
|
Not sure when npm will be released. But you can try https://github.com/sy-records/docsify-nightly |
|
You can also try installing from github using npm install "docsify@docsifyjs/docsify#develop"Or to install from a commit: npm install "docsify@docsifyjs/docsify#3c9b3d9702bb05a5ff45a4ce4233e144cf1ebecb"Or any git ref: npm install "docsify@docsifyjs/docsify#<GIT_REF_GOES_HERE>"which can be a tag, branch, etc. |
|
Thanks. Appreciate the help. I was more wondering what the timelines were to determine if I should wait for a formal package update or if I should use a github based version. |
|
@socsieng -- I think we're close to pushing an update. There's one other PR that I'd like to see merged before we do so, but otherwise I don't think anyone would have an issue pushing a new minor or patch release (have to check history to determine which would be appropriate). I'll see if I can wrap that up today or tomorrow. |
Merged
Koooooo-7
added a commit
that referenced
this pull request
Oct 26, 2022
* fix: packages/docsify-server-renderer/package.json & packages/docsify-server-renderer/package-lock.json to reduce vulnerabilities (#1715) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOCSIFY-1090577 * fix: correctly fix missing +1, -1 (#1722) * Update LICENSE * mention that SSR is experimental and incomplete, prevent people from using it thinking it is ready for prime time * refactor: Update test environments and lint configuration (#1736) * Update test environments and lint configuration Update Jest (unit + integration) and Playwright (e2e) test environments. Includes stability improvements for e2e tests using newer, more stable methods per the Playwright docs. - Update Jest 26 => 27 - Update Jest-related libs (babel parser) - Update Playwright 1.8 => Playwright Test 1.18 - Update GitHub CI (action versions, job parallelization, and matrices) - Update ESLint 5 => 8 - Update ESLint-related libs (parser, prettier, Jest, Playwright) - Fix test failures on M1-based Macs - Fix e2e stability issues by replacing PW $ method calls - Fix ESLint errors - Fix incorrect CI flag on Jest runs (-ci => --ci) - Refactor e2e test runner from Jest to Playwright Test - Refactor e2e test files for Playwright Test - Refactor fix-lint script name to lint:fix for consistency - Refactor npm scripts order for readability - Remove unnecessary configs and libs - Remove example image snapshots * chore: bump node-fetch in /packages/docsify-server-renderer (#1738) Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.6 to 2.6.7. - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.6...v2.6.7) --- updated-dependencies: - dependency-name: node-fetch dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs: update readme (#1740) * fix: Coverpage when content > viewport height (#1744) * fix: .gitignore paths * fix: Coverpage when content > viewport height fix #381 * chore: sync emojis (#1745) * fix: Legacy bugs (styles, site plugin error, and dev server error) (#1743) * Add try/catch w/ error message to plugin calls * Update lifecycle.js * Update lifecycle.js * Fix docsify-plugin-carbon error * Fix ESLint errors * Simplify conditional JS loading * Fix styles in legacy browser w/o CSS var support * Fix gitignore paths * Fix BrowserSync IE error * Fix search field presentation in IE11 - Removed fixed height and allow element to size naturally via font-size and padding - Remove default "x" rendered on IE input fields * Revert "Update lifecycle.js" This reverts commit 2a58be6. * Revert "Update lifecycle.js" This reverts commit 67c5410. * Revert "Add try/catch w/ error message to plugin calls" This reverts commit 631e924. * Fix docsify-plugin-carbon error & ESLint errors Co-authored-by: 沈唁 <52o@qq52o.cn> * fix: package.json & package-lock.json to reduce vulnerabilities (#1756) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PRISMJS-2404333 * chore: bump follow-redirects from 1.14.7 to 1.14.9 (#1757) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.9. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.14.9) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump prismjs in /packages/docsify-server-renderer (#1760) Bumps [prismjs](https://github.com/PrismJS/prism) from 1.26.0 to 1.27.0. - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md) - [Commits](PrismJS/prism@v1.26.0...v1.27.0) --- updated-dependencies: - dependency-name: prismjs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: Native emoji w/ image-based fallbacks and improved parsing (#1746) * Render native emoji with image fallback Fix #779 * Deprecate emoji plugin * Add emoji tests * Remove console.log statement * Fix emoji image alt attribute * Set nativeEmoji to false by default (non-breaking) * Fix parsing emoji in HTML comments and script tags * Add nativeEmoji and update noEmoji details * Add Emoji plugin deprecation notice * Fix ESLint issues * Create build:emoji task - Auto-generate emoji data from GitHub API - Auto-generate emoji markdown for website - Add emoji page to navigation * Fix rendering of GitHub emoji without unicode * Adjust and match size of native and image emoji * Update emoji test snapshot * Update docs test snapshot * Fix ci/codesandbox error * Update native emoji font-stack * Fix rendering of native multi-character emoji * Kick GitHub Workflow * Replace rollup’s uglify plugin with terser * Switch “npm ci” instead of “npm i” for stability * Change emoji data from default to named export * Revert "Replace rollup’s uglify plugin with terser" This reverts commit 7ba8513. * Revert "Switch “npm ci” instead of “npm i” for stability" This reverts commit d52b476. * Revert "Change emoji data from default to named export" This reverts commit 3f2dd46. * Specify codesandbox template and node version * Update codesandbox config * Revert "Revert "Replace rollup’s uglify plugin with terser"" This reverts commit e06fed4. * Revert "Revert "Revert "Replace rollup’s uglify plugin with terser""" This reverts commit 27d4952. * Update codesandbox config * Revert "Update codesandbox config" This reverts commit 5120dd2. * Fix codesandbox uglify error * Emoji docs tweaks * Restore and update emoji plugin code * Restore and update emoji plugin docs * Prettier updates * Match lowercase shortcodes only Co-authored-by: Koy Zhuang <369491420@qq.com> * feat: Emoji build (#1766) * Fix incorrect file name * Improve build - Display emoji API URL - Display number of emoji entries retrieved from API - Distinguish between creating and updating files - Catch and display errors (gracefully fail for offline work) - Add “DO NOT EDIT” comment to generated output * Add emoji to automated build * Remove emoji plugin from dev index.html * chore: Remove dompurify (#1490) * chore: update develop branch preview link (#1772) * feat: Plugin error handling (#1742) * Fix: ready/doneEach order with async afterEach (#1770) * docs: Update configuration options (#1773) * docs: Minor fixes to plugin docs (#1774) * chore: update vercel link (#1775) * chore: update vercel link * chore: update vercel logo (#1776) * chore: update vercel logo * chore: update vercel logo * chore: remove vercel link form github pages * chore: update style * chore: update readme * chore: update readme * chore: update readme * chore: Update CONTRIBUTING.md (#1782) Update URL of "How to Contribute to an Open Source Project on GitHub" link. The old one send the user to a 404 page where egghead suggest the new and correct URL. So, this change send the user direct to the correct URL. * chore: bump minimist from 1.2.5 to 1.2.6 (#1787) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Virtual Routes Support (#1799) * add first test * new VirtualRoutes mixin that handles routes. fetch tries to use VirtualRoutes. default config updated * cover all basic use cases * regex matching in routes * covered all virtual routes tests * added hack to fix config test on firefox * removed formatting regex matches into string routes * added support for "next" function * added docs * navigate now supports both hash and history routerModes * waiting for networkidle in navigateToRoute helper * promiseless implementation * remove firefox workaround from catchPluginErrors test, since we no longer use promises * updated docs * updated docs for "alias" as well * minor rephrasing * removed non-legacy code from exact-match; updated navigateToRoute helper to infer router mode from page * moved endsWith from router utils to general utils; added startsWith util; refactored makeExactMatcher to use both * updated docs per feedback * moved navigateToRoute helper into the virtual-routes test file * moved navigateToRoute to top of file * updated docs per pr comments * docs: update the name for "Simplified Chinese" (#1811) * update the name for "Simplified Chinese" * update the name for "Simplified Chinese" * update the name for "Simplified Chinese" * fix: cornerExternalLinkTarget config. (#1814) * Improve README.md sentence (#1817) * chore: bump jpeg-js from 0.4.3 to 0.4.4 (#1820) Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.3 to 0.4.4. - [Release notes](https://github.com/eugeneware/jpeg-js/releases) - [Commits](jpeg-js/jpeg-js@v0.4.3...v0.4.4) --- updated-dependencies: - dependency-name: jpeg-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump parse-url from 6.0.0 to 6.0.2 (#1833) Bumps [parse-url](https://github.com/IonicaBizau/parse-url) from 6.0.0 to 6.0.2. - [Release notes](https://github.com/IonicaBizau/parse-url/releases) - [Commits](https://github.com/IonicaBizau/parse-url/commits) --- updated-dependencies: - dependency-name: parse-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Docs: Fix plugin insertion order in docs (#1850) * fix: Ignore emoji shorthand codes in URIs (#1847) * fix: Ignore emoji shorthand codes in URIs Fixes: #1823 * test: Add test for emoji in anchor body * fix: Handle support for URIs used in additional contexts Examples: - Without explicit scheme (i.e. starting with `//`) - In single and double quote strings - Within unquoted HTML tag attributes - In css `url()` values Co-authored-by: John Hildenbiddle <jhildenbiddle@users.noreply.github.com> * fix: fix docsify-ignore in seach title. (#1872) * fix: fix search with no content. (#1878) * docs: Update GitHub default branch from to 'main' (#1883) * chore: upgrade caniuse-lit. (#1879) * chore: bump trim-newlines and lerna (#1895) Bumps [trim-newlines](https://github.com/sindresorhus/trim-newlines) and [lerna](https://github.com/lerna/lerna/tree/HEAD/core/lerna). These dependencies needed to be updated together. Updates `trim-newlines` from 1.0.0 to 3.0.1 - [Release notes](https://github.com/sindresorhus/trim-newlines/releases) - [Commits](https://github.com/sindresorhus/trim-newlines/commits) Updates `lerna` from 3.22.1 to 5.5.1 - [Release notes](https://github.com/lerna/lerna/releases) - [Changelog](https://github.com/lerna/lerna/blob/main/core/lerna/CHANGELOG.md) - [Commits](https://github.com/lerna/lerna/commits/v5.5.1/core/lerna) --- updated-dependencies: - dependency-name: trim-newlines dependency-type: indirect - dependency-name: lerna dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: filter null node first. (#1909) * [build]: 4.12.3 * [build] 4.12.4 * chore: add changelog 4.12.4 * update: update dependencies. * fix: fix test. * fix: upgrade dependencies. * [build] 4.13.0 * chore: add changelog 4.13.0 * chore: add changelog v4.13.0 Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: ChoKaPeek <ChoKaPeek@users.noreply.github.com> Co-authored-by: Joe Pea <joe@trusktr.io> Co-authored-by: John Hildenbiddle <jhildenbiddle@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: 沈唁 <52o@qq52o.cn> Co-authored-by: Bernal I. Hernández <102492790+bernalherndz@users.noreply.github.com> Co-authored-by: Roy Sommer <illBeRoy@users.noreply.github.com> Co-authored-by: Xavi Lee <awxiaoxian2020@163.com> Co-authored-by: Shaun Bharat <79479981+shaunbharat@users.noreply.github.com> Co-authored-by: Soc Sieng <socsieng@users.noreply.github.com> Co-authored-by: Mike Mwanje <mwanjemike767@gmail.com>
Merged
Koooooo-7
pushed a commit
that referenced
this pull request
Oct 26, 2022
* fix: Ignore emoji shorthand codes in URIs Fixes: #1823 * test: Add test for emoji in anchor body * fix: Handle support for URIs used in additional contexts Examples: - Without explicit scheme (i.e. starting with `//`) - In single and double quote strings - Within unquoted HTML tag attributes - In css `url()` values Co-authored-by: John Hildenbiddle <jhildenbiddle@users.noreply.github.com>
Koooooo-7
added a commit
that referenced
this pull request
Oct 26, 2022
This reverts commit ff2cb0f.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #1823,
Fixes: #1839
Summary
Fixes an issue related to unintentional processing of emoji shorthand codes when included in a URI
What kind of change does this PR introduce?
Bugfix
For any code change,
Does this PR introduce a breaking change? (check one)
If yes, please describe the impact and migration path for existing applications:
Related issue, if any:
Tested in the following browsers:
Using: https://codesandbox.io/s/thirsty-fog-inwfl8