Automatic links in description markdown about attendance HOT 11 CLOSED

Because GitHub parses issues as Markdown, I can't understand this issue, reopen with fixed description

from attendance.

Hey, I fixed the description, but I do not have permissions to reopen. Do you want to reopen #107 or do you want me to create a new issue?

Jesse Rosalia
GIT MAD, President
Undergraduate Computer Science
Georgia Institute of Technology
[email protected]

On Jan 18, 2012, at 11:01 PM, Ankit Shankar wrote:

Because GitHub parses issues as Markdown, I can't understand this issue, reopen with fixed description

---

Reply to this email directly or view it on GitHub:
https://github.com/cc-wit/attendance/issues/107#issuecomment-3557666

from attendance.

How will this obfuscate the emails?

from attendance.

I tried to copy and paste the text from daringfireball.net and it was a markdown mess. Check out http://daringfireball.net/projects/markdown/syntax#autolink

from attendance.

If this doesn't work out of the box, I think this is more work than it's worth for now. Maybe after we fix/implement all the other things :)

from attendance.

What's bizarre is the discount markdown reference says it should…which probably means you're right...there's a bug in some code we just don't want to be touching right now, haha.

On Jan 18, 2012, at 11:38 PM, Ankit Shankar wrote:

If this doesn't work out of the box, I think this is more work than it's worth for now. Maybe after we fix/implement all the other things :)

---

Reply to this email directly or view it on GitHub:
https://github.com/cc-wit/attendance/issues/107#issuecomment-3557866

from attendance.

A bit more information on this: It looks like the reason that this doesn't work is because we escape the HTML in the markdown before passing it off to discount. This is also the reason HTML tags (formatting, layout, iframes) show up in the rendered markdown as plain text (instead of actually affecting the layout of the markdown). I think escaping the HTML is a good idea from safety, but these other features would be really nice...could we achieve the same security result by removing the call to escape, and then passing the rendered HTML thru whitelist sanitizer to remove malicious links?

from attendance.

We may want to look at this

from attendance.

Yea that looks pretty sweet...on first glance, exactly what I want for this and a couple other issues.

from attendance.

Reopened to examine pagedown (http://code.google.com/p/pagedown/)

from attendance.

While I was upgrading modules for the move to Express 3.0, I replaced discount with marked which seems to support automatic linking for anything that's a valid link that looks like http://*.*.*. I think this would be sufficient.

from attendance.