packages feed

markdown 0.1.17.4 → 0.1.17.5

raw patch · 3 files changed

+16/−3 lines, 3 filesdep ~xss-sanitize

Dependency ranges changed: xss-sanitize

Files

ChangeLog.md view
@@ -1,5 +1,9 @@ # Changelog for markdown +## 0.1.17.5++* Support xss-sanitize 0.3.7 [#39](https://github.com/snoyberg/markdown/issues/39)+ ## 0.1.17.4  * One more fix for test suite, now works on Windows as well
markdown.cabal view
@@ -1,5 +1,5 @@ Name:                markdown-Version:             0.1.17.4+Version:             0.1.17.5 Synopsis:            Convert Markdown to HTML, with XSS protection Description:         This library leverages existing high-performance libraries (attoparsec, blaze-html, text, and conduit), and should integrate well with existing codebases. Homepage:            https://github.com/snoyberg/markdown@@ -15,9 +15,10 @@                    , test/Tests/*.text                    , ChangeLog.md                    , README.md-Cabal-version:       >=1.8+Cabal-version:       >=1.10  Library+  default-language: Haskell2010   Exposed-modules:     Text.Markdown                        Text.Markdown.Block                        Text.Markdown.Inline@@ -38,6 +39,7 @@   ghc-options:       -Wall  test-suite test+    default-language: Haskell2010     hs-source-dirs: test     main-is: main.hs     other-modules: Block@@ -58,6 +60,7 @@                  , containers                  , filepath                  , directory+                 , xss-sanitize  source-repository head   type:     git
test/main.hs view
@@ -1,4 +1,5 @@ {-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE CPP #-} import Text.Blaze.Html (toHtml) import Text.Blaze.Html5 (figure) import Test.Hspec@@ -227,7 +228,12 @@         it "inline" $ check "<p>foo<br>bar</p>" "foo<br>bar"         it "inline xss" $ check "<p>foo<br>bar</p>" "foo<br onclick='evil'>bar"         it "block" $ check "<div>hello world</div>" "<div>hello world</div>"-        it "block xss" $ check "alert(&quot;evil&quot;)" "<script>alert(\"evil\")</script>"+        it "block xss" $+#if MIN_VERSION_xss_sanitize(0, 3, 7)+          check "" "<script>alert(\"evil\")</script>"+#else+          check "alert(&quot;evil&quot;)" "<script>alert(\"evil\")</script>"+#endif         it "should be escaped" $ check "<p>1 &lt; 2</p>" "1 < 2"         it "standalone" $ checkSet             def { msStandaloneHtml = Set.fromList ["<hidden>", "</hidden>"], msXssProtect = False }