Footnotes broken with php-markdown

Created on 10 October 2023, over 1 year ago

Updated 11 October 2023, over 1 year ago

Problem/Motivation

When creating footnotes with the PHP Markdown Extra parser, the id attributes are first correctly generated (e.g. fnref:1 and fn:1) but then they are changed inside Xss:filter(), where fnref: and fn: are treated as unsafe URL protocols and stripped away.

Steps to reproduce

1. Configure to use Markdown with the PHP Markdown Extra parser
2. Create content with footnotes, e.g:

This is some text with a footnote.[^1]

[^1]: And that's the footnote.

3. Save and examine the HTML output.

Proposed resolution

Not sure. It looks like colons are not really recommended in id attributes to begin with, but that is up to the parser library. The treatment of colons in Xss::filter() doesn't seem to be configurable.

Would it be reasonable to change any colon preceded by fn(ref)?[0-9]* into underscores or so, before calling Xss:filter()?

Remaining tasks

User interface changes

API changes

We might change how some id attributes in the output HTML will look like.

Data model changes

🐛 Bug report

Status

Needs review

Version

3.0

Component

Parser: PHP Markdown/PHP Markdown Extra

Created by

🇸🇪Sweden Arla

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @Arla
Open in Jenkins → Open on Drupal.org →
Core: 9.5.x + Environment: PHP 8.0 & MySQL 5.7
last update over 1 year ago
Build Successful
@arla opened merge request.
Status changed to Needs review over 1 year ago10:08am 11 October 2023
Comment over 1 year ago →
🇸🇪Sweden Arla
Created a merge request with an implementation of my suggestion of changing fn:1 etc into fn_1.

(I'm new to working with merge requests on Drupal.org, so apologies if I'm doing it wrong!)
Open in Jenkins → Open on Drupal.org →
Core: 9.5.x + Environment: PHP 8.0 & MySQL 5.7
last update over 1 year ago
Build Successful

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024