Skip to content

Commit

Permalink
fix(html-comments): changed regex to precent malformed long comment t…
Browse files Browse the repository at this point in the history
…o freeze showdown

Closes #439
  • Loading branch information
tivie committed Oct 2, 2017
1 parent 0627e49 commit 3efcd10
Show file tree
Hide file tree
Showing 7 changed files with 30 additions and 12 deletions.
14 changes: 10 additions & 4 deletions dist/showdown.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/showdown.js.map

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions dist/showdown.min.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/showdown.min.js.map

Large diffs are not rendered by default.

12 changes: 9 additions & 3 deletions src/subParsers/escapeSpecialCharsWithinTagAttributes.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,22 @@ showdown.subParser('escapeSpecialCharsWithinTagAttributes', function (text, opti
'use strict';
text = globals.converter._dispatch('escapeSpecialCharsWithinTagAttributes.before', text, options, globals);

// Build a regex to find HTML tags and comments. See Friedl's
// "Mastering Regular Expressions", 2nd Ed., pp. 200-201.
var regex = /(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>|<!(--.*?--\s*)+>)/gi;
// Build a regex to find HTML tags.
var regex = /(<[a-z\/!$]("[^"]*"|'[^']*'|[^'">])*>)/gi,
// due to catastrophic backtrace we split the old regex into two, one for tags and one for comments
regexComments = /<!(--(?:|(?:[^>-]|-[^>])(?:[^-]|-[^-])*)--)>/gi;

text = text.replace(regex, function (wholeMatch) {
return wholeMatch
.replace(/(.)<\/?code>(?=.)/g, '$1`')
.replace(/([\\`*_~=|])/g, showdown.helper.escapeCharactersCallback);
});

text = text.replace(regexComments, function (wholeMatch) {
return wholeMatch
.replace(/([\\`*_~=|])/g, showdown.helper.escapeCharactersCallback);
});

text = globals.converter._dispatch('escapeSpecialCharsWithinTagAttributes.after', text, options, globals);
return text;
});
2 changes: 2 additions & 0 deletions test/cases/html-comments.html
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@
<!-- comment -->
<pre><code>&lt;!-- comment --&gt;
</code></pre>
<p>&lt;!----------------------------------------------------------------------------------------------------------------------------------------------------</p>
<!-------------------------------------------------------------------->
4 changes: 4 additions & 0 deletions test/cases/html-comments.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,7 @@ words <!-- a comment --> words
<!-- comment -->

<!-- comment -->

<!----------------------------------------------------------------------------------------------------------------------------------------------------
<!-------------------------------------------------------------------->

0 comments on commit 3efcd10

Please sign in to comment.