diff --git a/CHANGES.md b/CHANGES.md
index a24d33d0..04529801 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -5,6 +5,7 @@
- [pull #519] Add support for custom extras
- [pull #519] Drop Python 3.5 support
- [pull #568] Add `prepend` arg to toc extra (#397)
+- [pull #569] Process HTML comments as markdown in 'escape' safe mode
- [pull #570] Fix syntax warnings in test suite
diff --git a/lib/markdown2.py b/lib/markdown2.py
index 01252ff8..fdc01309 100755
--- a/lib/markdown2.py
+++ b/lib/markdown2.py
@@ -1264,15 +1264,30 @@ def _is_code_span(index, token):
return re.match(r'md5-[A-Fa-f0-9]{32}
', ''.join(peek_tokens))
+ def _is_comment(token):
+ if self.safe_mode == 'replace':
+ # don't bother processing each section of comment in replace mode. Just do the whole thing
+ return
+ return re.match(r'()', token)
+
+ def _hash(token):
+ key = _hash_text(token)
+ self.html_spans[key] = token
+ return key
+
tokens = []
split_tokens = self._sorta_html_tokenize_re.split(text)
is_html_markup = False
for index, token in enumerate(split_tokens):
if is_html_markup and not _is_auto_link(token) and not _is_code_span(index, token):
- sanitized = self._sanitize_html(token)
- key = _hash_text(sanitized)
- self.html_spans[key] = sanitized
- tokens.append(key)
+ is_comment = _is_comment(token)
+ if is_comment:
+ tokens.append(_hash(self._sanitize_html(is_comment.group(1))))
+ # sanitise but leave comment body intact for further markdown processing
+ tokens.append(self._sanitize_html(is_comment.group(2)))
+ tokens.append(_hash(self._sanitize_html(is_comment.group(3))))
+ else:
+ tokens.append(_hash(self._sanitize_html(token)))
else:
tokens.append(self._encode_incomplete_tags(token))
is_html_markup = not is_html_markup
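Review bot: `_is_comment` only short-circuits when `self.safe_mode == 'replace'`, so every other mode value takes the new split path, where the comment body (`is_comment.group(2)`) is appended without `_hash` and stays open to later markdown processing. The changelog scopes this to 'escape' mode, so the guard would fail closed if written as `if self.safe_mode != 'escape': return None`. The un-hashed body is safe only as long as `_sanitize_html` fully escapes it, which this hunk does not show, so a short comment on that dependency and a test case with a tag inside a terminated comment body would pin it down. The helper is named like a predicate but returns a match object or an implicit `None`; a one-line docstring such as `"""Return a match splitting an HTML comment into opener, body and closer, or None."""` would make that explicit. The pattern is rendered on this page as `r'()'` although three groups are read, so the regex itself could not be checked, and the enclosing function starts and ends outside the hunk.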
diff --git a/test/tm-cases/escape_html_comments_safe_mode.html b/test/tm-cases/escape_html_comments_safe_mode.html
new file mode 100644
index 00000000..9b2b2bc9
--- /dev/null
+++ b/test/tm-cases/escape_html_comments_safe_mode.html
@@ -0,0 +1,3 @@
+
foo <!-- bar
+ +foo <!-- bar -->
diff --git a/test/tm-cases/escape_html_comments_safe_mode.opts b/test/tm-cases/escape_html_comments_safe_mode.opts
new file mode 100644
index 00000000..f15d59b8
--- /dev/null
+++ b/test/tm-cases/escape_html_comments_safe_mode.opts
@@ -0,0 +1 @@
+{'safe_mode': 'escape'}
diff --git a/test/tm-cases/escape_html_comments_safe_mode.text b/test/tm-cases/escape_html_comments_safe_mode.text
new file mode 100644
index 00000000..c5f3eef2
--- /dev/null
+++ b/test/tm-cases/escape_html_comments_safe_mode.text
@@ -0,0 +1,3 @@
+*foo*