marked icon indicating copy to clipboard operation
marked copied to clipboard

Published 20 hours ago verified publisher icon markedjs

A backtick in code in a link parses incorrectly

Open leafac opened this issue 5 years ago • 8 comments

Marked

CommonMark

It used to work in Marked 0.6.3

leafac avatar May 03 '20 18:05 leafac

There was a security issue with backticks in links as shown in #1493 and fixed in #1515 Released in v0.7.0

UziTech avatar May 03 '20 21:05 UziTech

Can I help to fix this?

leafac avatar May 29 '20 21:05 leafac

Of course! PRs are always welcome.

UziTech avatar May 29 '20 21:05 UziTech

I should have said: Can you please help me fix this?

I’m new to the codebase and have no idea where to start.

leafac avatar May 29 '20 22:05 leafac

You will most likely have to change the regex for links in rules.js and update the link tokenizer in Tokenizer.js.

If you have any questions about anything feel free to ask.

UziTech avatar May 30 '20 02:05 UziTech

I thought I’d have time to work on this, but I won’t. If someone else can take this, it’d be great 😃

leafac avatar Jun 01 '20 21:06 leafac

Hey guys, I got here by looking for projects to contribute to during the Hacktoberfest. I opened a pull request to address this issue: https://github.com/markedjs/marked/pull/1794.

@UziTech, I updated the links in rules.js but apparently didn't need to update Tokenizer.js.

The PR passed all tests and I was looking where I could include a test case for this scenario of backticks in links. However, as I inspected tests/specs/commonmark and tests/specs/gfm, the test cases seem to be based on examples from the CommonMark and GitHub specs, and do not support custom test cases.

Is there a test file where this scenario could be added?

pgcalixto avatar Oct 22 '20 10:10 pgcalixto

test/specs/new is where you will need to add tests.

UziTech avatar Oct 22 '20 12:10 UziTech