diff options
author | Přemysl Eric Janouch <p@janouch.name> | 2022-03-05 12:17:54 +0100 |
---|---|---|
committer | Přemysl Eric Janouch <p@janouch.name> | 2022-10-08 17:00:56 +0200 |
commit | 5b9e22e5dd31b0c588a7d8072f5e0411412a8aa4 (patch) | |
tree | 2fa0496c22684c398c05fefb0ff6eef5367b87c4 | |
parent | 3181050ac251b034f20a49ef08113f8f1c593fec (diff) | |
download | haven-5b9e22e5dd31b0c588a7d8072f5e0411412a8aa4.tar.gz haven-5b9e22e5dd31b0c588a7d8072f5e0411412a8aa4.tar.xz haven-5b9e22e5dd31b0c588a7d8072f5e0411412a8aa4.zip |
WIP: Shouldn't allow it in pass-through mode, at minimum.
-rw-r--r-- | hswg/main.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/hswg/main.go b/hswg/main.go index 3c7582e..6afbbd3 100644 --- a/hswg/main.go +++ b/hswg/main.go @@ -81,7 +81,12 @@ func Render(r io.Reader, config *configuration.Configuration) ( // return var doc *types.Document - if doc, err = parser.ParseDocument(pr, config); err == nil { + var preprocessed string + // TODO(p): Ensure that this doesn't pose a security risk. + if preprocessed, err = parser.Preprocess(pr, config); err != nil { + // Render it raw below. + } else if doc, err = parser.ParseDocument( + strings.NewReader(preprocessed), config); err == nil { doctype := config.Attributes.GetAsStringWithDefault( types.AttrDocType, "article") problems, verr := validator.Validate(doc, doctype) |