display single files from gist #861

Merged
merged 4 commits into from Mar 17, 2013

Projects

None yet

4 participants

@danielgrieve

No description provided.

@danielgrieve

This was requested by @pathawks in issue #839

@jwebcat
jwebcat commented Mar 16, 2013

@danielgrieve isn't there a plugin for this already?

@danielgrieve

Well the plugin that comes with standard jekyll at the moment can only display full gists, so this adds the capability to display single files. Yes, there are plugins that you can add which will do what I've added here, but not part of a base jekyll installation.

@jwebcat
jwebcat commented Mar 16, 2013

@danielgrieve Fantastic, and thanks bro :+1 looking forward to using this on gh pages.

On Mar 16, 2013 5:46 AM, "Daniel Grieve" notifications@github.com wrote:

Well the plugin that comes with standard jekyll at the moment can only
display full gists, so this adds the capability to display single files.
Yes, there are plugins that you can add which will do what I've added here,
but not part of a base jekyll installation.


Reply to this email directly or view it on GitHubhttps://github.com/mojombo/jekyll/pull/861#issuecomment-15004269
.

@parkr parkr and 1 other commented on an outdated diff Mar 16, 2013
lib/jekyll/tags/gist.rb
module Jekyll
class GistTag < Liquid::Tag
- def initialize(tag_name, gist, tokens)
- super
- @gist = gist.strip
+ def render(context)
+ if tag_contents = @markup.match(/(\d+) (.*)/)
@parkr
parkr Mar 16, 2013 Jekyll member

I'm a bit worried about the freedom of the second part of this Regexp. It's probably fine, but I just want to double-check.

@mojombo will have to verify that this won't be a vunerability to GitHub's systems.

@mojombo
mojombo Mar 17, 2013 collaborator

@parkr I don't see any security problem here, what kind of problem were you envisioning?

Regardless, it's probably wise to make the regex more strict. Something like:

@markup.strip.match(/\A(\d+) ?(\S*)\Z/)

Note the .strip, the anchoring of beginning and end of string, optional space, and the non-whitespace-only match in filename part.

@parkr
parkr Mar 17, 2013 Jekyll member

@mojombo Mostly worried about someone hacking this through a security vulnerability in Regexp in the version of Ruby that GitHub Pages uses to run jekyll on sites you host. I'd rather be safe than sorry, so I just wanted to check!

@parkr parkr and 1 other commented on an outdated diff Mar 16, 2013
lib/jekyll/tags/gist.rb
end
- def render(context)
- "<script src=\"https://gist.github.com/#{@gist}.js\"> </script>"
+ private
+
+ def gist_script_tag(gist_id, filename=nil)
+ if filename.empty?
+ "<script src=\"https://gist.github.com/#{gist_id}.js\">\s</script>"
@parkr
parkr Mar 16, 2013 Jekyll member

What do you accomplish with the \s?

@danielgrieve
danielgrieve Mar 16, 2013

I'm not sure how that made it in there, it should've just stayed as a space!

Daniel Grieve added some commits Mar 16, 2013
@danielgrieve

Took the suggestions from @mojombo there for the regex matching.

@parkr
Member
parkr commented Mar 17, 2013

@danielgrieve Bomb, thanks man. One last fix and I'll merge it in!

Daniel Grieve fix regex b9cbce5
@parkr parkr merged commit a054ce2 into jekyll:master Mar 17, 2013

1 check passed

Details default The Travis build passed
@parkr parkr added a commit that referenced this pull request Mar 17, 2013
@parkr parkr Update history to reflect #861 677a87e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment