Skip to content

Commit 6dad7d5

Browse files
dpvcdpvc
committed
Merge branch 'safe-patch' into v2.2-beta
2 parents c8dc3a2 + 4af4346 commit 6dad7d5

File tree

3 files changed

+54
-26
lines changed

3 files changed

+54
-26
lines changed

unpacked/config/Safe.js

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,9 @@
2929
* limitations under the License.
3030
*/
3131

32-
if (!MathJax.Hub.config.extensions) {MathJax.Hub.config.extensions = []}
33-
MathJax.Hub.config.extensions.push("Safe.js");
32+
MathJax.Hub.Register.StartupHook("End Config", function () {
33+
if (!MathJax.Hub.config.extensions) {MathJax.Hub.config.extensions = []}
34+
MathJax.Hub.config.extensions.push("Safe.js");
35+
});
3436

35-
MathJax.Ajax.loadComplete("[MathJax]/config/Safe.js");
37+
MathJax.Ajax.loadComplete("[MathJax]/config/Safe.js");

unpacked/extensions/Safe.js

Lines changed: 41 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -97,6 +97,20 @@
9797
config: CONFIG,
9898
div1: document.createElement("div"), // for CSS processing
9999
div2: document.createElement("div"),
100+
101+
//
102+
// Methods called for MathML attribute processing
103+
//
104+
filter: {
105+
"class": "filterClass",
106+
style: "filterStyles",
107+
id: "filterID",
108+
fontsize: "filterFontSize",
109+
mathsize: "filterFontSize",
110+
scriptminsize: "filterFontSize",
111+
scriptsizemultiplier: "filterSizeMultiplier",
112+
scriptlevel: "filterScriptLevel"
113+
},
100114

101115
//
102116
// Filter HREF URL's
@@ -113,12 +127,12 @@
113127
//
114128
filterClass: function (CLASS) {
115129
if (ALLOW.classes === "none" ||
116-
(ALLOW.classes !== "all" && !CLASS.match(/^MJX-/))) {CLASS = null}
130+
(ALLOW.classes !== "all" && !CLASS.match(/^MJX-[-a-zA-Z0-9_.]+$/))) {CLASS = null}
117131
return CLASS;
118132
},
119133
filterID: function (id) {
120134
if (ALLOW.cssIDs === "none" ||
121-
(ALLOW.cssIDs !== "all" && !id.match(/^MJX-/))) {id = null}
135+
(ALLOW.cssIDs !== "all" && !id.match(/^MJX-[-a-zA-Z0-9_.]+$/))) {id = null}
122136
return id;
123137
},
124138

@@ -171,6 +185,23 @@
171185
return (ALLOW.fontsize === "all" ? size: null);
172186
},
173187

188+
//
189+
// Filter scriptsizemultiplier
190+
//
191+
filterSizeMultiplier: function (size) {
192+
if (ALLOW.fontsize === "none") {size = null}
193+
else if (ALLOW.fontsize !== "all") {size = Math.min(1,Math.max(.6,size)).toString()}
194+
return size;
195+
},
196+
//
197+
// Filter scriptLevel
198+
//
199+
filterScriptLevel: function (level) {
200+
if (ALLOW.fontsize === "none") {level = null}
201+
else if (ALLOW.fontsize !== "all") {level = Math.max(0,level).toString()}
202+
return level;
203+
},
204+
174205
//
175206
// Filter TeX extension names
176207
//
@@ -242,9 +273,10 @@
242273
});
243274

244275
HUB.Register.StartupHook("TeX Jax Ready",function () {
245-
var TEX = MathJax.InputJax.TeX;
276+
var TEX = MathJax.InputJax.TeX,
277+
PARSE = TEX.Parse, METHOD = SAFE.filter;
246278

247-
TEX.Parse.Augment({
279+
PARSE.Augment({
248280

249281
//
250282
// Implements \require{name} with filtering
@@ -258,11 +290,9 @@
258290
//
259291
// Controls \mmlToken attributes
260292
//
261-
MmlTokenAllow: {
262-
fontsize: (ALLOW.fontsize === "all"),
263-
id: (ALLOW.cssIDs === "all"),
264-
"class": (ALLOW.classes === "all"),
265-
style: (ALLOW.styles === "all")
293+
MmlFilterAttribute: function (name,value) {
294+
if (METHOD[name]) {value = SAFE[METHOD[name]](value)}
295+
return value;
266296
},
267297

268298
//
@@ -292,16 +322,9 @@
292322
});
293323

294324
HUB.Register.StartupHook("MathML Jax Ready",function () {
295-
var PARSE = MathJax.InputJax.MathML.Parse;
325+
var PARSE = MathJax.InputJax.MathML.Parse,
326+
METHOD = SAFE.filter;
296327

297-
var METHOD = {
298-
href: "filterURL",
299-
"class": "filterClass",
300-
id: "filterID",
301-
fontsize: "filterFontSize",
302-
style: "filterStyles"
303-
};
304-
305328
//
306329
// Filter MathML attributes
307330
//

unpacked/jax/input/TeX/jax.js

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1441,15 +1441,18 @@
14411441
"%1 is not a recognized attribute for %2",
14421442
match[1],type]);
14431443
}
1444-
var value = match[2].replace(/^(['"])(.*)\1$/,"$2");
1445-
if (value.toLowerCase() === "true") {value = true}
1446-
else if (value.toLowerCase() === "false") {value = false}
1447-
def[match[1]] = value;
1448-
def.attrNames.push(match[1]);
1444+
var value = this.MmlFilterAttribute(match[1],match[2].replace(/^(['"])(.*)\1$/,"$2"));
1445+
if (value) {
1446+
if (value.toLowerCase() === "true") {value = true}
1447+
else if (value.toLowerCase() === "false") {value = false}
1448+
def[match[1]] = value;
1449+
def.attrNames.push(match[1]);
1450+
}
14491451
attr = attr.substr(match[0].length);
14501452
}
14511453
this.Push(this.mmlToken(MML[type](data).With(def)));
14521454
},
1455+
MmlFilterAttribute: function (name,value) {return value},
14531456
MmlTokenAllow: {
14541457
fontfamily:1, fontsize:1, fontweight:1, fontstyle:1,
14551458
color:1, background:1,

0 commit comments

Comments
 (0)