From 6a3fc713978a0c1c9290a4afd08b47886b49b635 Mon Sep 17 00:00:00 2001 From: Wim Date: Sat, 13 Aug 2022 16:14:26 +0200 Subject: Update dependencies and go1.18 (#1873) * Update dependencies and go1.18 * Exclude unnecessary linters and update build to go1.18 --- .../gomarkdown/markdown/internal/valid/valid.go | 45 ++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'vendor/github.com/gomarkdown/markdown/internal/valid/valid.go') diff --git a/vendor/github.com/gomarkdown/markdown/internal/valid/valid.go b/vendor/github.com/gomarkdown/markdown/internal/valid/valid.go index b9a761eb..9b3de3ec 100644 --- a/vendor/github.com/gomarkdown/markdown/internal/valid/valid.go +++ b/vendor/github.com/gomarkdown/markdown/internal/valid/valid.go @@ -1,5 +1,9 @@ package valid +import ( + "bytes" +) + var URIs = [][]byte{ []byte("http://"), []byte("https://"), @@ -12,3 +16,44 @@ var Paths = [][]byte{ []byte("./"), []byte("../"), } + +// TODO: documentation +func IsSafeURL(url []byte) bool { + nLink := len(url) + for _, path := range Paths { + nPath := len(path) + linkPrefix := url[:nPath] + if nLink >= nPath && bytes.Equal(linkPrefix, path) { + if nLink == nPath { + return true + } else if isAlnum(url[nPath]) { + return true + } + } + } + + for _, prefix := range URIs { + // TODO: handle unicode here + // case-insensitive prefix test + nPrefix := len(prefix) + if nLink > nPrefix { + linkPrefix := bytes.ToLower(url[:nPrefix]) + if bytes.Equal(linkPrefix, prefix) && isAlnum(url[nPrefix]) { + return true + } + } + } + + return false +} + +// isAlnum returns true if c is a digit or letter +// TODO: check when this is looking for ASCII alnum and when it should use unicode +func isAlnum(c byte) bool { + return (c >= '0' && c <= '9') || isLetter(c) +} + +// isLetter returns true if c is ascii letter +func isLetter(c byte) bool { + return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') +} -- cgit v1.2.3