-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug: Typedoc comments with text wrapped in "<" and ">" breaks Docusaurus Markdown parser #276
Comments
This change was done b/c the angle brackets break the compiler for [typedoc-plugin-markdown](https://github.com/tgreyuk/typedoc-plugin-markdown), a library for converting Typedoc to markdown. It interprets the angle brackets as an HTML tag, whereas it's just being used for emphasis. This issue occurred specifically when using [docusaurus-plugin-typedoc](https://www.npmjs.com/package/docusaurus-plugin-typedoc). More details about this problem can be found here - typedoc2md/typedoc-plugin-markdown#276 This change fixes the issues by replacing the backticks (`<` and `>`) with markdown backticks to highlight the word and achieve the same desired emphasis without breaking the markdown parser. i was able to validate that this works in my local environment.
hi @mongodben .. Docusaurus is trying to parse as MDX. I would suggest the solution here is to simply wrap in a backtick which will render as an inline code snippet.
|
thanks tom. unfortunately, the source code comes from an external library, so i don't have direct control over the typedoc comment which is breaking the MDX. i put in a PR with them with a change similar to what you propose here. |
ok thanks for letting me know @mongodben .. i will re-open this and have a think if this is a use-case that should be fixed at plugin level. |
I think the simple solution is to scape the HTML ( A smart solution is use a package to sanitize the output like xss |
xss makes sense to me for covering this case and anything else that could
happen w unexpected processing of markup (in addition to XSS attacks via
the docs, i guess). hopefully there wouldn't be a large implication on
build time to run all text through the xss processor.
happy to implement the feature if pointed in the right direction where to
implement w/in this project.
…On Tue, Mar 8, 2022 at 7:04 AM Edgard Lorraine Messias < ***@***.***> wrote:
I think the simple solution is to scape the HTML (<>) to (<>), but it is
necessary to ignore contents inside of ` and ```
A smart solution is use a package to sanitize the output like xss
—
Reply to this email directly, view it on GitHub
<#276 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AVTSWU4PWYTFJZMWMXKBXGTU6465BANCNFSM5KJVWBJA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
I just created a TypeDoc plugin that sanitizes using DOMPurify: However, it is sanitizing/removing content inside codeblocks. Look at the following example: /**
* A custom component.
*
* @example
* ```tsx
* <CustomComponent><h1>Custom</h1></CustomComponent>
* ```
*/
const CustomComponent: React.FC = ({ children }) => <>{children}</> The resulting markdown is:
Note: ignore the last space before code block close, it was just to escape it. At this point, how could I use the TypeDoc plugin syntax/tools to avoid sanitizing an excerpt inside a code block ( I'm thinking about running the |
@fsmaia Are there instructions for how a docusaurus side could use that? |
I'm also getting hit by this: * 'nonce-<base64-value>' with <base64-value> replaced be a server-generated
* nonce.
*
* To provide a nonce to use on generated <style> elements, set Error with LitElementSyntaxError: site/docs/api/classes/OEmbedElement.md: Expected corresponding JSX closing tag for <base64-value>. (2022:8)
2020 | CSP directive, the style-src value must either include 'unsafe-inline' or
2021 | 'nonce-`}<base64-value>{`' with `}<base64-value>{` replaced be a server-generated
> 2022 | nonce.`}</p>
| ^
2023 | <p>{`To provide a nonce to use on generated `}<style>{` elements, set
2024 | `}<inlineCode parentName="p">{`window.litNonce`}</inlineCode>{` to a server-generated nonce in your page's HTML, before
2025 | loading application code:`}</p>
SyntaxError: site/docs/api/index.md: Expected corresponding JSX closing tag for <MDXLayout>. (68:165)
66 | <h3 {...{"id":"static-site"}}>{`Static Site`}</h3>
67 | <p>{`This project includes a simple website generated with the `}<a parentName="p" {...{"href":"11ty.dev"}}>{`eleventy`}</a>{` static site generator and the templates and pages in `}<inlineCode parentName="p">{`/docs-src`}</inlineCode>{`. The site is generated to `}<inlineCode parentName="p">{`/docs`}</inlineCode>{` and intended to be checked in so that GitHub pages can serve the site `}<a parentName="p" {...{"href":"https://help.github.com/en/github/working-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site"}}>{`from `}<inlineCode parentName="a">{`/docs`}</inlineCode>{` on the master branch`}</a>{`.`}</p>
> 68 | <p>{`To enable the site go to the GitHub settings and change the GitHub Pages `}{`"`}{`Source`}{`"`}{` setting to `}{`"`}{`master branch /docs folder`}{`"`}{`.`}</p></p>
| ^
69 | <p>{`To build the site, run:`}</p>
70 | <pre><code parentName="pre" {...{"className":"language-bash"}}>{`npm run docs
71 | `}</code></pre>
client (webpack 5.75.0) compiled with 2 errors
Package: lit@2.4.1 |
Unescaped tags in markdown can cause issues with mdx API engines like typedoc-plugin-markdown. For context see typedoc2md/typedoc-plugin-markdown#276
Unescaped tags in markdown can cause issues with mdx API engines like typedoc-plugin-markdown. For context see typedoc2md/typedoc-plugin-markdown#276
typedoc-plugin-markdown@4.0.0 https://typedoc-plugin-markdown.org/docs/options#sanitizecomments |
hello,
i'm using docusaurus-plugin-typedoc. it works perfectly with the exception of having trouble parsing the the characters
<
and>
when they are wrapping a single word in a Typedoc comment. in this case, the Docusaurus interpreter reads it as a JSX element, and the compilation process crashes.this issue occurred when parsing https://github.com/Chevrotain/chevrotain/blob/master/packages/types/api.d.ts#L160
the word
<tokType>
causes the problem. the error output is:i was able to fix this error by replacing
<tokType>
(anything without the angle brackets would work) with"tokType"
in the file and rerunningyarn start
.would be great if the parser could take this scenario into account and sanitize the text, perhaps by replacing the angle brackets with their HTML escape characters
>
and<
.The text was updated successfully, but these errors were encountered: