cpjolicoeur / bb-ruby Goto Github PK

Hi,

I've tried to write something like this:

   [list]
   [*] List item 1
   [*] List item 2
   [/list]

And this doesn't render the proper html code using BBRuby. [list] [/list] aren't replaced by [ul][/ul] because the regex breaks because of the "list" word in items.

In the regex you have:

     /\[list(:.*)?\]((?:(?!list).)*)\[\/list(:.)?\1?\]/mi

The

    (?!list)

Part is needed, I'm aware of that. If you replace it with:

    (?!\[\/list\])

Everything should work fine, shouldn't it?

The tag is no longer supported under XHTML Strict apparently. I found this out the hard way when I was baffled why my underline bbcode wasn't working despite the regex validating correctly. I wrap my bb code with the sanitize helper method which removes deprecated HTML tags along with pesky XSS.

RubyGems.org doesn't report a license for your gem. This is because it is not specified in the gemspec of your last release.

via e.g.

spec.license = 'MIT'
# or
spec.licenses = ['MIT', 'GPL-2']

Including a license in your gemspec is an easy way for rubygems.org and other tools to check how your gem is licensed. As you can imagine, scanning your repository for a LICENSE file or parsing the README, and then attempting to identify the license or licenses is much more difficult and more error prone. So, even for projects that already specify a license, including a license in your gemspec is a good practice. See, for example, how rubygems.org uses the gemspec to display the rails gem license.

There is even a License Finder gem to help companies/individuals ensure all gems they use meet their licensing needs. This tool depends on license information being available in the gemspec. This is an important enough issue that even Bundler now generates gems with a default 'MIT' license.

I hope you'll consider specifying a license in your gemspec. If not, please just close the issue with a nice message. In either case, I'll follow up. Thanks for your time!

Appendix:

If you need help choosing a license (sorry, I haven't checked your readme or looked for a license file), GitHub has created a license picker tool. Code without a license specified defaults to 'All rights reserved'-- denying others all rights to use of the code.
Here's a list of the license names I've found and their frequencies

p.s. In case you're wondering how I found you and why I made this issue, it's because I'm collecting stats on gems (I was originally looking for download data) and decided to collect license metadata,too, and make issues for gemspecs not specifying a license as a public service :). See the previous link or my blog post about this project for more information.

Hello Craig,

is is possible for you to implement the [table], [td], [tr] and [th] tags?
That would be nice!

Michael

I'm trying to only enable underline, doesn't seem to be working.

>> "[quote]test[/quote]".bbcode_to_html({}, true, :enable, :underline)
=> "<fieldset><legend>Quote:</legend><blockquote>test</blockquote></fieldset>"

If I wrap a line of text in [code][/code], I'd love for that text to not get parsed as BB code.

For instance:

[code][b]Bold[/b] text[/code]

Should just output (with the [b] tags shown):

[b]Bold[/b] text

Let's assume we have a text like this:

line = "[quote=part]Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed et metus eu turpis pharetra eleifend in eget urna. Aliquam dictum lectus rhoncus, imperdiet metus eget, molestie justo. 

Nam faucibus, lectus in convallis fermentum, nisi lacus iaculis nulla, non varius justo justo ac turpis. Pellentesque lacinia ante in ligula suscipit aliquam. Cras sit amet nibh luctus, scelerisque massa sit amet, aliquet nibh. [/quote]"

As one expects if I run line.bbcode_to_html it generates proper syntax:

<fieldset><legend>part</legend><blockquote>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed et metus eu turpis pharetra eleifend in eget urna. Aliquam dictum lectus rhoncus, imperdiet metus eget, molestie justo. 

Nam faucibus, lectus in convallis fermentum, nisi lacus iaculis nulla, non varius justo justo ac turpis. Pellentesque lacinia ante in ligula suscipit aliquam. Cras sit amet nibh luctus, scelerisque massa sit amet, aliquet nibh. </blockquote></fieldset>

However, if I use line.bbcode_to_html_with_formatting it puts the paragraph tags in the wrong place.

<p><fieldset><legend>part</legend><blockquote>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed et metus eu turpis pharetra eleifend in eget urna. Aliquam dictum lectus rhoncus, imperdiet metus eget, molestie justo. <p>

<p>Nam faucibus, lectus in convallis fermentum, nisi lacus iaculis nulla, non varius justo justo ac turpis. Pellentesque lacinia ante in ligula suscipit aliquam. Cras sit amet nibh luctus, scelerisque massa sit amet, aliquet nibh. </blockquote></fieldset></p>

Hi,

bb-ruby does not produce HTML safe code.

Test case:

> puts '[url=" onclick="alert(\'Hello World!\');]Hello world[/url]'.bbcode_to_html
<a href="" onclick="alert('Hello World!');">Hello world</a>

Obviously (if this is valid BBCode, which I guess it is), this could have been avoided if the quotes would have been replaced by " entities.

Hi, is there any possibility of limit characters without breaking an open tag?

Thanks

If I try to use the youtube tag multiple times, bb-ruby replaces everything from the first [youtube] to the last [/youtube] with only one object element. For example,

A [youtube]some-url[/youtube] B [youtube]other-url[/youtube] C

becomes

A <object>...</object> C

instead of

A <object>..</object> B <object>...</object> C

The reason seems to be that the last * quantifier in the regex is (per default) greedy instead of lazy. Because of that it matches as much as it possibly can, all the way to the last [/youtube]. If you set this quantifier to be lazy, *? instead of *, the problem should be solved.

Automated detected links beginning with www are missing the http://. Example:

Test www.example.com Test

will produce this:

Test <a href="www.example.com">www.example.com</a>

This would be correct:

Test <a href="http://www.example.com">www.example.com</a>

The Problem is in lib/bb-ruby.rb line 147 and following. Its one Regex for links with and without the leading http(s)

2.1.1 :002 > html = "[email][email protected][/email]"
=> "[email][email protected][/email]"
2.1.1 :003 > html.bbcode_to_html
=> "<a href="mailto:[email protected]">[email protected]"
2.1.1 :004 > html = "[email][email protected][/email][email][email protected][/email]"
=> "[email][email protected][/email][email][email protected][/email]"
2.1.1 :005 > html.bbcode_to_html
=> "<a href="mailto:[email protected][/email]<a href="mailto:[email protected]">[email protected]">[email protected]">[email protected][email][email protected]"

Is there a way to just disable the resized image methods and not all images?

If you try to quote text that already has a quote in it, bb-ruby will only convert part of it to HTML.

For example:

[quote][quote]First message.[/quote] Response to first message.[/quote]

The above will convert the first [quote] and first [/quote] to their corresponding HTML, leaving the other tags unconverted.

Hello! Congratulations for this awesome gem :)

Would it be possible to perform also the inverse operation? Transform from html to bbcode?

I would like to save the object in the db with html tags. Because I suppose is more efficient to convert the bbcode to html just one time before creating the model, that everytime that someone load it. The problem is when I try to edit that object, now the content is in html, but the editor works with bbcode.

Maybe there is a better way to do this, instead of save the content in the db with html, but if not this could be a desirable function for a lot of people.

Tag 'Center' (also 'Left' and 'Right') would be broken with auto link, because The [center] is considered as url:

[center]hello www.test.com[/center]

would be:

<div style=\"text-align: center;\">hello <a href=\"http://www.test.com</div>\">www.test.com[/center]</a>

but should be:

<div style="text-align: center;">hello <a href="http://www.test.com">www.test.com</a></div>

So auto link should be stop until [
#39

Hi Craig 😃 ,

malicious inputs are not sanitized when using align-tag.

The input

[align=left css-selector]sadsad[/align]

results in

    <span class="bb-ruby_align_left css-selector" style="float:left css-selector;">sadsad</span>

That means, I can pass every css selector which can results in a destroyed page layout.

bbcode:
"test test www.google.pl"
output:
"test test <a href="www.google.pl">www.google.pl"

how can i disable auto-wrap "www.***" in anchor tag, and force users to use bb-code [url] tag ?

Hi there,
Is is there a way to make [url=link_location][img]img_url[/img][/url] work?

Why do custom translations use simple format? The default should be to_html without the formatting.

This can be reproduced by:

require 'bb-ruby'
mystring = "[table]\n[tr]\n[td]c1[/td]\n[td]c2[/td]\n[td]c3[/td]\n[/tr]\n[/table]" 
formats = {
  "Table"=>[/\[table\](.*?)\[\/table\]/mi, "<table class=\"table\">\\1</table>", "Table", "My Table: [table][/table]", :table],
  "Table Row"=>[/\[tr\](.*?)\[\/tr\]/mi, "<tr>\\1</tr>", "Table Row", "My Table Row: [tr][/tr]", :tr],
  "Table Cell"=>[/\[td\](.*?)\[\/td\]/mi, "<td>\\1</td>", "Table Cell", "My Table Cell: [td][/td]", :td]
} 
BBRuby.to_html(mystring, formats)

Outputs the following (notice br tags are inserted despite the fact that to_html_with_formatting was never called):

 => "<table class=\"table\"><br />\n<tr><br />\n<td>c1</td><br />\n<td>c2</td><br />\n<td>c3</td><br />\n</tr><br />\n</table>" 

hey Craig,

[align=center] does not work because float:center is not defined
it would be better to do that with divs insted of spans and text-align

MFG
Michael