Git with a cup of tea, painless self-hosted git service
Go to file
Alexander Scheel ee7df7ba8c Markdown: Sanitizier Configuration (#9075)
* Support custom sanitization policy

Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: #9054

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Document new sanitization configuration

 - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Drop extraneous length check in newMarkupSanitizer(...)

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Fix plural ELEMENT and ALLOW_ATTR in docs

These were left over from their initial names. Make them singular to
conform with the current expectations.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2019-12-07 14:49:04 -05:00
.github
assets
cmd
contrib
custom/conf Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
docker Fix latest docker image haven't include static files. (#9252) 2019-12-05 12:18:28 -05:00
docs Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
integrations Redirect issue if repo has configured external tracker. (#9247) 2019-12-06 23:21:18 -05:00
models Move UpdateIssuesCommit from models to repofiles (#9276) 2019-12-07 23:52:36 +08:00
modules Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
options [skip ci] Updated translations via Crowdin 2019-12-07 15:54:45 +00:00
public Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
routers Redirect issue if repo has configured external tracker. (#9247) 2019-12-06 23:21:18 -05:00
scripts
services Move some pull request functions from models to services (#9266) 2019-12-06 21:44:10 -05:00
snap
templates Show label list on label set (#9251) 2019-12-06 21:13:19 -05:00
vendor
web_src fix #9198 make diff detail sticky again (#9280) 2019-12-07 13:01:57 -05:00
.changelog.yml
.drone.yml Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
.editorconfig Ensure LF on checkouts and in editors (#9259) 2019-12-05 23:09:01 +02:00
.eslintignore
.eslintrc
.gitattributes Ensure LF on checkouts and in editors (#9259) 2019-12-05 23:09:01 +02:00
.gitignore Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
.golangci.yml
.lgtm
.npmrc
.revive.toml
.stylelintrc
BSDmakefile
CHANGELOG.md Changelog 1.10.1 (#9256) (#9262) 2019-12-06 00:15:11 +02:00
CONTRIBUTING.md
DCO
Dockerfile Fix latest docker image haven't include static files. (#9252) 2019-12-05 12:18:28 -05:00
go.mod
go.sum
LICENSE
main.go
MAINTAINERS
Makefile Switch CSS minifier to cssnano (#9260) 2019-12-05 19:33:06 -05:00
package-lock.json Update JS dependencies (#9255) 2019-12-06 14:41:25 +08:00
package.json Update JS dependencies (#9255) 2019-12-06 14:41:25 +08:00
README_ZH.md
README.md
tools.go
webpack.config.js

简体中文

logo Gitea - Git with a cup of tea

Build Status Join the Discord chat at https://discord.gg/NsatcWJ codecov Go Report Card GoDoc GitHub release Help Contribute to Open Source Become a backer/sponsor of gitea License: MIT Crowdin

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

TAGS="bindata" make generate all

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server, or forum!

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

FAQ

How do you pronounce Gitea?

Gitea is pronounced /ɡɪti:/ as in "gi-tea" with a hard g.

Why is this not hosted on a Gitea instance?

We're working on it.

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.

Screenshots

Looking for an overview of the interface? Check it out!

Dashboard User Profile Global Issues
Branches Web Editor Activity
New Migration Migrating Pull Request View
Pull Request Dark Diff Review Dark Diff Dark