hunt-markdown 1.0.0 released,
Cym13
cpicard at openmailbox.org
Sat Feb 23 22:59:42 UTC 2019
On Tuesday, 19 February 2019 at 10:36:38 UTC, zoujiaqing wrote:
> hunt-markdown is powerfull markdown spec parsing and randering
> library for Dlang. It's fast and clean. Api design like java's
> commonmark library.
>
> example code:
> ```import hunt.markdown.node.Node;
> import hunt.markdown.parser.Parser;
> import hunt.markdown.renderer.html.HtmlRenderer;
>
> Parser parser = Parser.builder().build();
> Node document = parser.parse("This is *New*");
> HtmlRenderer renderer = HtmlRenderer.builder().build();
> renderer.render(document); // "<p>This is <em>New</em></p>\n"
> ```
>
> More markdown spec like this:
> https://spec.commonmark.org/0.28/
>
>
> Github reposirory:
> https://github.com/huntlabs/hunt-markdown
A cool addition would be a sanatizer to allow processing markdown
provided by users in a secure way. Right now trying to build
something like a forum supporting markdown would only end in lots
of XSS everywhere.
The end developer could probably create a sanatizer himself but:
* security works best when the wheel isn't invented over and over
again, such piece of software is hard to get right[1], better
have a centralized effort
* writting a sanitizer requires building a MD parser so it's
worth baking it into the library (but with a way to disable it
for trusted inputs).
Otherwise, it would be good to mention that this is not fit to
manage user inputs and should be kept server-side.
[1]:
http://danlec.com/blog/hacking-stackoverflow-com-s-html-sanitizer
More information about the Digitalmars-d-announce
mailing list