Go to file
Alexander Scheel ee7df7ba8c Markdown: Sanitizier Configuration (#9075)
* Support custom sanitization policy

Allowing the gitea administrator to configure sanitization policy allows
them to couple external renders and custom templates to support more
markup. In particular, the `pandoc` renderer allows generating KaTeX
annotations, wrapping them in `<span>` elements with class `math` and
either `inline` or `display` (depending on whether or not inline or
block mode was requested).

This iteration gives the administrator whitelisting powers; carefully
crafted regexes will thus let through only the desired attributes
necessary to support their custom markup.

Resolves: #9054

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Document new sanitization configuration

 - Adds basic documentation to app.ini.sample,
 - Adds an example to the Configuration Cheat Sheet, and
 - Adds extended information to External Renderers section.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Drop extraneous length check in newMarkupSanitizer(...)

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>

* Fix plural ELEMENT and ALLOW_ATTR in docs

These were left over from their initial names. Make them singular to
conform with the current expectations.

Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2019-12-07 14:49:04 -05:00
.github Display Github support button (#7343) 2019-07-02 12:06:25 +02:00
assets Add task to generate images from SVG and change to new logo (#2194) 2017-07-28 13:51:20 +08:00
cmd Graceful: Cancel Process on monitor pages & HammerTime (#9213) 2019-11-30 16:40:22 +02:00
contrib Rephrase comment about RuntimeDirectory option (#8912) 2019-11-10 11:49:39 -05:00
custom/conf Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
docker Fix latest docker image haven't include static files. (#9252) 2019-12-05 12:18:28 -05:00
docs Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
integrations Redirect issue if repo has configured external tracker. (#9247) 2019-12-06 23:21:18 -05:00
models Move UpdateIssuesCommit from models to repofiles (#9276) 2019-12-07 23:52:36 +08:00
modules Markdown: Sanitizier Configuration (#9075) 2019-12-07 14:49:04 -05:00
options [skip ci] Updated translations via Crowdin 2019-12-07 15:54:45 +00:00
public Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
routers Redirect issue if repo has configured external tracker. (#9247) 2019-12-06 23:21:18 -05:00
scripts Update gitignore list (#5258) 2018-11-03 18:06:09 -04:00
services Move some pull request functions from models to services (#9266) 2019-12-06 21:44:10 -05:00
snap Use vfsgen instead of go-bindata (#7080) 2019-06-03 00:43:47 +03:00
templates Show label list on label set (#9251) 2019-12-06 21:13:19 -05:00
vendor upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
web_src fix #9198 make diff detail sticky again (#9280) 2019-12-07 13:01:57 -05:00
.changelog.yml Add changelog config file for generate changelog (#2461) 2017-09-04 13:07:57 +03:00
.drone.yml Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
.editorconfig Ensure LF on checkouts and in editors (#9259) 2019-12-05 23:09:01 +02:00
.eslintignore move semantic.dropdown.custom.js to webpack (#9064) 2019-11-21 18:30:14 -05:00
.eslintrc move semantic.dropdown.custom.js to webpack (#9064) 2019-11-21 18:30:14 -05:00
.gitattributes Ensure LF on checkouts and in editors (#9259) 2019-12-05 23:09:01 +02:00
.gitignore Add Node.js build dep, remove built js/css files (#9114) 2019-12-05 11:41:38 +08:00
.golangci.yml Add API for Issue set Subscription (#8729) 2019-11-02 23:27:49 +08:00
.lgtm refactor: ignore LGTM from author of pull request. (#3283) 2018-01-02 06:13:49 -06:00
.npmrc add 'npm' and 'npm-update' make targets and lockfile (#7246) 2019-06-18 22:59:47 -04:00
.revive.toml refactor: replace lint to revive (#5422) 2018-12-03 09:28:46 -05:00
.stylelintrc replace lesshint with stylelint (#7305) 2019-06-27 08:36:36 +02:00
BSDmakefile Add BSDmakefile to prevent errors when make is called under FreeBSD (#4446) 2018-07-16 20:45:51 +02:00
CHANGELOG.md Changelog 1.10.1 (#9256) (#9262) 2019-12-06 00:15:11 +02:00
CONTRIBUTING.md Correct some outdated statements in the contributing guidelines (#8612) 2019-10-21 19:45:53 -04:00
DCO follow the advisor: add DCO and some improvements 2016-11-04 16:43:41 +08:00
Dockerfile Fix latest docker image haven't include static files. (#9252) 2019-12-05 12:18:28 -05:00
go.mod upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
go.sum upgrade levelqueue to 0.1.0 (#9192) 2019-11-28 23:37:33 +08:00
LICENSE Fix typo 2016-11-08 08:42:05 +01:00
main.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
MAINTAINERS Add myself to maintainers (#9240) 2019-12-03 14:05:23 +01:00
Makefile Switch CSS minifier to cssnano (#9260) 2019-12-05 19:33:06 -05:00
package-lock.json Update JS dependencies (#9255) 2019-12-06 14:41:25 +08:00
package.json Update JS dependencies (#9255) 2019-12-06 14:41:25 +08:00
README_ZH.md README: Update Screenshots and Badges in ZH (#8813) 2019-11-04 19:12:58 -05:00
README.md README: Update Screenshots and Badges in ZH (#8813) 2019-11-04 19:12:58 -05:00
tools.go Use vendored go-swagger (#8087) 2019-09-04 22:53:54 +03:00
webpack.config.js enable lazy-loading of gitgraph.js (#9036) 2019-11-17 23:39:06 +02:00

简体中文

logo Gitea - Git with a cup of tea

Build Status Join the Discord chat at https://discord.gg/NsatcWJ codecov Go Report Card GoDoc GitHub release Help Contribute to Open Source Become a backer/sponsor of gitea License: MIT Crowdin

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

TAGS="bindata" make generate all

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server, or forum!

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

FAQ

How do you pronounce Gitea?

Gitea is pronounced /ɡɪti:/ as in "gi-tea" with a hard g.

Why is this not hosted on a Gitea instance?

We're working on it.

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.

Screenshots

Looking for an overview of the interface? Check it out!

Dashboard User Profile Global Issues
Branches Web Editor Activity
New Migration Migrating Pull Request View
Pull Request Dark Diff Review Dark Diff Dark