Commit 199f34e4 authored by Frédéric Mangano-Tarumi's avatar Frédéric Mangano-Tarumi Committed by Lukas Fleischer
Browse files

rendercomment: safer auto-linkification of URLs

Fixes a few edge cases:

- URLs within code blocks used to get redundant <> added, breaking bash
  code snippets like `curl https://...`

 into `curl <https://...>`.

- Links written with markdown's <https://...> syntax also used to get an
  extra pair of brackets.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <>
parent 0fc69e96
......@@ -13,17 +13,20 @@ repo_path = aurweb.config.get('serve', 'repo-path')
commit_uri = aurweb.config.get('options', 'commit_uri')
class LinkifyPreprocessor(markdown.preprocessors.Preprocessor):
_urlre = re.compile(r'(\b(?:https?|ftp):\/\/[\w\/\#~:.?+=&%@!\-;,]+?'
def run(self, lines):
return [self._urlre.sub(r'<\1>', line) for line in lines]
class LinkifyExtension(markdown.extensions.Extension):
Turn URLs into links, even without explicit markdown.
Do not linkify URLs in code blocks.
# Captures http(s) and ftp URLs until the first non URL-ish character.
# Excludes trailing punctuation.
_urlre = (r'(\b(?:https?|ftp):\/\/[\w\/\#~:.?+=&%@!\-;,]+?'
class LinkifyExtension(markdown.extensions.Extension):
def extendMarkdown(self, md, md_globals):
md.preprocessors.add('linkify', LinkifyPreprocessor(md), '_end')
processor = markdown.inlinepatterns.AutolinkInlineProcessor(self._urlre, md)
md.inlinePatterns.add('linkify', processor, '_end')
class FlysprayLinksPreprocessor(markdown.preprocessors.Preprocessor):
......@@ -51,11 +51,22 @@ test_expect_success 'Test HTML sanitizing.' '
test_expect_success 'Test link conversion.' '
cat <<-EOD | sqlite3 aur.db &&
INSERT INTO PackageComments (ID, PackageBaseID, Comments, RenderedComment) VALUES (4, 1, "Visit", "");
INSERT INTO PackageComments (ID, PackageBaseID, Comments, RenderedComment) VALUES (4, 1, "
Visit <>.
Visit \`\`.
Visit [Arch Linux](
Visit [Arch Linux][arch].
", "");
cat <<-EOD >expected &&
<p>Visit <a href=""></a>.</p>
<p>Visit <a href=""></a>.
Visit <a href=""></a>.
Visit <code></code>.
Visit <a href="">Arch Linux</a>.
Visit <a href="">Arch Linux</a>.</p>
cat <<-EOD | sqlite3 aur.db >actual &&
SELECT RenderedComment FROM PackageComments WHERE ID = 4;
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment