Use a custom version of the Github MD formatter (#2183)

malemburg · web-flow · commit e84706b1d97f · 2022-11-02T16:11:38.000-04:00
* Use a custom version of the Github MD formatter This doesn't filter away the script (and some other) HTML tags. Fixes #2181. * Apply some code cosmetics
diff --git a/pages/models.py b/pages/models.py
@@ -30,11 +30,6 @@
 
 DEFAULT_MARKUP_TYPE = getattr(settings, 'DEFAULT_MARKUP_TYPE', 'restructuredtext')
 
-# Set options for cmarkgfm for "unsafe" renderer, see https://github.com/theacodes/cmarkgfm#advanced-usage
-CMARKGFM_UNSAFE_OPTIONS = (
-    cmarkgfmOptions.CMARK_OPT_UNSAFE
-)
-
 PAGE_PATH_RE = re.compile(r"""
     ^
     /?                      # We can optionally start with a /
@@ -65,10 +60,35 @@
     'Markdown'
 )
 
+# Add our own Github style Markdown parser, which doesn't apply the default
+# tagfilter used by Github (we can be more liberal, since we know our page
+# editors).
+
+def unsafe_markdown_to_html(text, options=0):
+
+    """Render the given GitHub-flavored Makrdown to HTML.
+
+    This function is similar to cmarkgfm.github_flavored_markdown_to_html(),
+    except that it allows raw HTML to get rendered, which is useful when
+    using jQuery UI script extensions on pages.
+
+    """
+    # Set options for cmarkgfm for "unsafe" renderer, see
+    # https://github.com/theacodes/cmarkgfm#advanced-usage
+    options = options | (
+        cmarkgfmOptions.CMARK_OPT_UNSAFE |
+        cmarkgfmOptions.CMARK_OPT_GITHUB_PRE_LANG
+    )
+    return cmarkgfm.markdown_to_html_with_extensions(
+        text, options=options,
+        extensions=[
+            'table', 'autolink', 'strikethrough', 'tasklist'
+        ])
+
 RENDERERS.append(
     (
         "markdown_unsafe",
-        lambda markdown_text: cmarkgfm.github_flavored_markdown_to_html(markdown_text, options=CMARKGFM_UNSAFE_OPTIONS),
+        unsafe_markdown_to_html,
         "Markdown (unsafe)",
     )
 )
