UNPKG

marksafe

Version:

A simple alternative to using markdown to ensure safety of user-generated rich text in web applications

github.com/mksunny1/marksafe

mksunny1/marksafe

104 lines (103 loc) 3.88 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
/** * A powerful, safe and simple library to enable rich user-generated text in * web applications * * @module */ /** * The Marksafe singleton class for parsing marksafe text. Text should already be escaped * and only contain markasfe tag specifiers. Text should be the textContent of an * element so we simply call {@link Marksafe.process} with the element to convert the * textContent to innerHTML. * */ export declare class Marksafe { /** * Get or set the list of allowed tag names. */ static tags: Set<string>; /** * Get or set the list of self-closing tags like `img` and `br`. */ static selfTags: Set<string>; /** * Get or set the list of allowed attribute names. */ static attrs: Set<string>; /** * Separator for consecutive elements of the same type. */ static tagSep: string; /** * Separator for attributes. Also separates the last attribute from the text content. */ static attrSep: string; static shorthands: { '[*]': string; '[/*]': string; '[bq]': string; '[/bq]': string; '[uli]': string; '[/uli]': string; '[oli]': string; '[/oli]': string; }; /** * Converts the marksafe-formated textContent of the element into HTML. Marksafe is * simply HTML with attributes specified within the content, angle * brackets (`< and >`) replaced with square brackets * (`[ and ]`) and only a set of permitted tags and attributes. * It also features a tag separator to make the code more concise. * * @example * import { Marksafe } from 'marksafe' * document.body.innerHTML = ` * <main> * [p] * This is the first paragraph. &quot;p&quot; tag is allowed * [/p] * [p] * Links like [a]href=https://github.com/mksunny1/marksafe2,,this[/a] can be present. * ;; * Yet another paragraph * ;; * class=bolder,,And another one with a class attribute... * [/p] * [img] * src=https://images.com/first.png,,alt=First image,,width=100%,,height=200px,, * [/img] * </main> * ` * Marksafe.process(document.querySelector('main')); * console.log(document.querySelector('a').textContent); // this * console.log(document.querySelector('a').href); // https://github.com/mksunny1/marksafe2 * * @param element The element to process */ static process(element: Element): Element; /** * Replaces the opening ([tag]) and closing ([/tag]) square brackets for the specified tag in the text * with the angle brackets. This does not process attributes. * * @param text The raw or partially processed Marksafe text before the tag is processed * @param tag The tag to be processed (converted from Marksafe syntax to HTML syntax) * @returns The same text with all instances of the tag converted from Marksafe Syntax to HTML syntax */ static replace(text: string, tag: string): string; /** * Runs final processing of the elements (recursively from the top down) first to replace any intermediate * elements with their correct final elements and then to proccess all attributes and remove them from * the text content where they are specified. * * @param element The element to process * @param top Whether this is the top-level element. */ static processElement(element: Element, top?: boolean): void; /** * Processes and xxtracts any attributes specified within the text content of the element. * * @param element The element to process * @param text The input textContent of the element containing attributes and/or intended textContent. */ static processAttrs(element: Element, text: string): void; }