From a4c9925e995da4d96b528207ccee2ef2bc97b02c Mon Sep 17 00:00:00 2001 From: Parker Moore Date: Tue, 29 Jul 2014 14:20:49 -0400 Subject: [PATCH 1/3] Whitelist three Pygments options. - startinline - hl_lines - linenos --- lib/jekyll/tags/highlight.rb | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/lib/jekyll/tags/highlight.rb b/lib/jekyll/tags/highlight.rb index f7ca2dcd..52e62d3b 100644 --- a/lib/jekyll/tags/highlight.rb +++ b/lib/jekyll/tags/highlight.rb @@ -44,9 +44,11 @@ eos suffix = context["highlighter_suffix"] || "" code = super.to_s.strip + is_safe = !!context.registers[:site].safe + output = case context.registers[:site].highlighter when 'pygments' - render_pygments(code) + render_pygments(code, is_safe) when 'rouge' render_rouge(code) else @@ -57,8 +59,17 @@ eos prefix + rendered_output + suffix end - def render_pygments(code) + def render_pygments(code, is_safe) require 'pygments' + + if is_safe + @options = { + :startinline => @options.fetch(:startinline, nil), + :hl_lines => @options.fetch(:hl_lines, nil), + :linenos => @options.fetch(:linenos, nil) + } + end + @options[:encoding] = 'utf-8' highlighted_code = Pygments.highlight(code, :lexer => @lang, :options => @options) From 3cb2e74b5c93e837d08182d735ebb8a5fd793ced Mon Sep 17 00:00:00 2001 From: Parker Moore Date: Tue, 29 Jul 2014 16:30:44 -0400 Subject: [PATCH 2/3] Add further testing for Highlight#sanitized_opts --- lib/jekyll/tags/highlight.rb | 28 +++++++++++++++++++--------- test/test_tags.rb | 31 +++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 9 deletions(-) diff --git a/lib/jekyll/tags/highlight.rb b/lib/jekyll/tags/highlight.rb index 52e62d3b..837919ff 100644 --- a/lib/jekyll/tags/highlight.rb +++ b/lib/jekyll/tags/highlight.rb 
@@ -59,20 +59,30 @@ eos prefix + rendered_output + suffix end + def sanitized_opts(opts, is_safe) + if is_safe + Hash[[ + [:startinline, opts.fetch(:startinline, nil)], + [:hl_linenos, opts.fetch(:hl_linenos, nil)], + [:linenos, opts.fetch(:linenos, nil)], + [:encoding, opts.fetch(:encoding, 'utf-8')], + [:cssclass, opts.fetch(:cssclass, nil)] + ].reject {|f| f.last.nil? }] + else + opts + end + end + def render_pygments(code, is_safe) require 'pygments' - if is_safe - @options = { - :startinline => @options.fetch(:startinline, nil), - :hl_lines => @options.fetch(:hl_lines, nil), - :linenos => @options.fetch(:linenos, nil) - } - end - @options[:encoding] = 'utf-8' - highlighted_code = Pygments.highlight(code, :lexer => @lang, :options => @options) + highlighted_code = Pygments.highlight( + code, + :lexer => @lang, + :options => sanitized_opts(@options, is_safe) + ) if highlighted_code.nil? Jekyll.logger.error "There was an error highlighting your code:" diff --git a/test/test_tags.rb b/test/test_tags.rb index 2b716efa..942b28ce 100644 --- a/test/test_tags.rb +++ b/test/test_tags.rb 
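Review bot: The safe-mode allowlist in `sanitized_opts` names `:hl_linenos`, but the first patch in this series allowlisted `:hl_lines`, which is also what its commit message lists and is the name of the Pygments HTML formatter option. As written, a `hl_lines` option is dropped in safe mode and `hl_linenos` is forwarded in its place, so the entry should read `[:hl_lines, opts.fetch(:hl_lines, nil)],`. The "allow hl_linenos" test added to test/test_tags.rb in this commit pins the same name and needs the matching change. Separately, the allowlist filters keys only: the values of `:encoding` and `:cssclass` are forwarded as given, so it is worth confirming that `cssclass` is escaped before it reaches the generated HTML. A one-line comment above the method, such as `# In safe mode, forward only the allowlisted Pygments options; everything else is dropped.`, would mark it as the safe-mode boundary.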
@@ -87,6 +87,37 @@ CONTENT end end + context "in safe mode" do + setup do + @tag = Jekyll::Tags::HighlightBlock.new('highlight', 'text ', ["test", "{% endhighlight %}", "\n"]) + end + + should "allow linenos" do + sanitized = @tag.sanitized_opts({:linenos => true}, true) + assert_equal true, sanitized[:linenos] + end + + should "allow hl_linenos" do + sanitized = @tag.sanitized_opts({:hl_linenos => %w[1 2 3 4]}, true) + assert_equal %w[1 2 3 4], sanitized[:hl_linenos] + end + + should "allow cssclass" do + sanitized = @tag.sanitized_opts({:cssclass => "ahoy"}, true) + assert_equal "ahoy", sanitized[:cssclass] + end + + should "allow startinline" do + sanitized = @tag.sanitized_opts({:startinline => true}, true) + assert_equal true, sanitized[:startinline] + end + + should "strip unknown options" do + sanitized = @tag.sanitized_opts({:light => true}, true) + assert_nil sanitized[:light] + end + end + context "post content has highlight tag" do setup do fill_post("test") From ee5828b2f706a0052b9f54faf3550a1114b3d853 Mon Sep 17 00:00:00 2001 From: Parker Moore Date: Tue, 29 Jul 2014 17:32:36 -0400 Subject: [PATCH 3/3] Try to clarify the way sass imports happen. /cc @mrzool https://github.com/jekyll/jekyll-help/issues/104 --- site/docs/assets.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/site/docs/assets.md b/site/docs/assets.md index b733e0eb..41e8b921 100644 --- a/site/docs/assets.md +++ b/site/docs/assets.md @@ -21,9 +21,9 @@ or `.coffee`) and start the file with two lines of triple dashes, like this: Jekyll treats these files the same as a regular page, in that the output file will be placed in the same directory that it came from. For instance, if you -have a file named `/css/styles.scss` in your site's source folder, Jekyll +have a file named `css/styles.scss` in your site's source folder, Jekyll will process it and put it in your site's destination folder under -`/css/styles.css`. +`css/styles.css`. ## Sass/SCSS 
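Review bot: The "in safe mode" tests call `sanitized_opts` only with `is_safe` set to true, so the unsafe pass-through is untested, as are the nil-entry rejection and the `:encoding` default of 'utf-8'. The "strip unknown options" case asserts that `sanitized[:light]` is nil, which would still pass if the key were present with a nil value. Comparing the whole hash is a tighter check on this boundary: `assert_equal({:encoding => 'utf-8'}, @tag.sanitized_opts({:light => true}, true))`. A companion case for the unsafe path would be `assert_equal({:light => true}, @tag.sanitized_opts({:light => true}, false))`.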
@@ -38,7 +38,21 @@ sass: sass_dir: _sass {% endhighlight %} -The Sass converter will default to `_sass`. +The Sass converter will default the `sass_dir` configuration option to +`_sass`. + +
+
The sass_dir is only used by Sass
+

+ + Note that the `sass_dir` becomes the load path for Sass imports, + nothing more. This means that Jekyll does not know about these files + directly, so any files here should not contain the YAML front matter as + described above nor will they be transformed as described above. This + folder should only contain imports. + +

+
You may also specify the output style with the `style` option in your `_config.yml` file: