How to represent markdown properly with escaping and line breaks? - meteor

I'm currently trying to build a chat app, using the official markdown package as well as underscore's escape function, and my template contains something like this:
<span class="message-content">
{{#markdown}}{{text}}{{/markdown}}
</span>
When I grab the text from the chat input box, I try to escape any HTML and then add in line breaks. safeText is then inserted into the database and displayed in the above template.
rawText = $("#chat-input-textbox").val();
safeText = _.escape(rawText).replace(/(?:\r\n|\r|\n)/g, '\n');
The normal stuff like headings, italics, and bold looks okay. However, there are two major problems:
Code escape issue - With the following input:
<script>alert("test")</script>
```
alert('hello');
```
This is _italics_!
Everything looks fine, except the alert('hello'); has become alert(&#x27;hello&#x27;); instead. The <pre> blocks aren't rendering the escaped characters, which makes sense. But the problem is, the underscore JS escape function escapes everything.
SOLVED: Line break Issue - With the following input:
first
second
third
I get first second third being displayed with no line breaks. I understand this could be a markdown thing, since I believe you need an empty line between paragraphs to get line breaks in markdown. But having the above behaviour would be the most ideal. Does anyone know how to do this?
UPDATE Line break issue has been solved by adding an extra \n to my regex. So now I'm making sure that any line break will be represented with at least two \n characters (i.e. \n\n).

You should check the showdown docs and the wiki article they have on the topic.
The marked npm package, which is used by Telescope, removes disallowed tags. These include <script> of course. As the article I linked to above explains, there's still another problem with this:
<a href='javascript:alert("kidding! Im more the world domination kinda guy. Muhahahah")'>
click me for world peace!
</a>
Which isn't prevented by marked. I'd follow the advice of the author and use an HTML sanitization library, like OWASP's ESAPI or Caja's html-sanitizer. Both of these projects seem outdated though. I also found a showdown extension for it called showdown-xss-filter. So my advice is to write your own helper, and use showdown-xss-filter.
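The `javascript:` link in the answer above survives tag filtering because the dangerous part is the attribute value, not the tag. As an added example (not code from the answer, marked or showdown), here is a scheme allowlist that a link-rendering helper could apply; `safeHref`, `renderLink` and `chat.example` are hypothetical names, and the input is assumed to be the href value after HTML entity decoding.

```javascript
// Added example: allowlist link schemes instead of trying to blocklist "javascript:".
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);
const BASE = "https://chat.example/"; // hypothetical origin used to resolve relative links

function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Returns the normalised URL when its scheme is allowed, otherwise null.
// Parsing with the WHATWG URL class applies the same normalisation a browser
// does (case folding, stripping tabs/newlines and leading spaces), so
// obfuscated spellings of a scheme are judged by what they resolve to.
function safeHref(href) {
  let url;
  try {
    url = new URL(href, BASE);
  } catch (e) {
    return null; // unparseable input is never linked
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Builds the anchor, or falls back to plain escaped text for a rejected target.
function renderLink(href, label) {
  const text = escapeHtml(label);
  const target = safeHref(href);
  if (target === null) return text;
  return `<a href="${escapeHtml(target)}" rel="noopener noreferrer">${text}</a>`;
}

// Constructed sample inputs, including the kind of link shown in the answer.
const samples = [
  'javascript:alert("x")',
  "java\tscript:alert(1)",
  " JaVaScRiPt:alert(1)",
  "data:text/html,<b>hi</b>",
  "/room/42",
  "https://example.org/a?b=1&c=2",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", renderLink(s, "click me"));
}
```

This covers link targets only; the rendered HTML as a whole still needs a sanitizer, as the answer recommends.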

Related

If else for a new column [duplicate]

I am using the statement in R:
setwd("C:\\Users\\carl\\Documents\\research")
to set the working directory. It worked fine when I pasted the statement from someone else's R script but I received an error message:
Error: unexpected input in "setwd("".
when I entered the command directly or when I copied it from my script in a Word file.
It seems to be related to the fact that the double-quotes that I typed (that don't work) look a little slanted while the double-quotes in the pasted text (that work fine) look like they're straight up and down. Is there something I can do to type plain looking double-quotes instead of slanted double-quotes?
Word automatically replaces your double quotes with so-called smart quotes or curly quotes.
You need to use the regular/straight double quotes (") in R.
This support article explains how you can disable the automatic smart quote replacement in Word. In fairness though, Word is probably not the... um... ideal code editor.

How to preserve white space at the start of a line in .Rd documentation?

I need to indent some math stuff in the \details section of my .Rd documentation to enhance its readability. I am using mathjaxr. Is there any way to indent without installing roxygen2 or similar?
The math stuff is inline, so simply setting to display using \mjdeqn won't solve this.
I seem to have a reasonable "cheating" work around for indenting the first line using mathjaxr, at least for the PDF and HTML output.
We need to do two things:
Use the mathjax/LaTeX phantom command. phantom works by making a box of the size necessary to type-set whatever its argument is, but without actually type-setting anything in the box. For my purposes, if I want to indent, say, about 2 characters wide, I would start the line with a \mjeqn{\phantom{22}}{ } and following with my actual text, possibly including actual mathy bits. If I want an indent of, say, roughly 4 characters wide, I might use \mjeqn{\phantom{2222}}{ }.
Because mathjaxr has a problem with tacking on unsolicited new lines when starting a line with mjeqn, we need to prefix the use of phantom in 1 above with an empty bit of something non-mathjaxr-ish like \emph{}.
Putting it all together, I can indent by about 2 characters using something like this:
\emph{}\mjeqn{\phantom{22}}{ }Here beginneth mine indented line…
I need to explore whether the { } business actually indents for ASCII output, or whether I might accomplish that using or some such.

Box-drawing characters aren't aligned in Xmobar

I've created a little Xmobar status indicator for https://complice.co. Inspired by the agnoster Zsh theme, I used some box-drawing characters to try to put triangle-like ends on the end of the status bar. But they aren't aligning correctly, as shown here:
The triangle is too small, leaving a lip at the bottom. It annoys me that it's not pixel-perfect. Does anyone have any insight into why it isn't sized correctly? I've never used box-drawing characters and couldn't find any documentation on the specific ones I'm using (\ue0b2 and \ue0b0) - any links would be appreciated.
I use a script to generate the text. The important part is here where I use the box-drawing characters: https://github.com/d4hines/beth/blob/master/scripts/complice#L38
And the Xmobar config: https://github.com/d4hines/beth/blob/master/flake.nix#L249-L265

how can I correct this restructured text syntax issue?

In the README.rst for blargs we see a syntactic error in the first sentence of the Quick Start section - specifically we see :class: rendered instead of only seeing Parser.
The actual code of that sentence is:
The preferred use of :class:`Parser` is via the ``with`` idiom, as follows:
How do we fix that syntax so that it correctly renders and what part of the restructured text docs informs us about this?

Teach Notepad++ to fold new multiline comment (R)

Can I teach Notepad++ that it should apply a fold whenever it sees a multi-line comment, where comments start with the hash mark and multi-line comments are hash marks on consecutive lines?
# This is a comment
# It continues on the next line
# and the next
# I want to fold this block
Edit
I submitted a fix to the R lexer to support multi-line comments. It includes the fix to source as well as a compiled SciLexer.dll for those who are eager to use this feature. Simply replace SciLexer.dll in the NPP folder with the one attached to the bug:
https://sourceforge.net/tracker/?func=detail&aid=3485870&group_id=95717&atid=612385
I've tested your multi-line comment with notepad++ 5.9.8 and it correctly folds as a single entity as long as there is a non-comment line between the comment groups and the language selected has comments starting with '#' (e.g. sh).
EDIT:
This seems to be language specific.
I've looked at the xml files that configure the behavior of notepad++ and it seems that this mechanic is hardcoded inside the program.
EDIT2:
The author of the question has just added comment folding support for the R language!
