Consider sanitizing HTML tags from TOC entries
jayv opened this issue · 3 comments
Some plugins, eg. Highlightr plugin inject markup via HTML tags which messes up the TOC:
It would be nice if the plugin could strip any HTML tags, a simple regex <(?:"[^"]*"['"]*|'[^']*'['"]*|[^'">])+>
replace to ''
might do it.
Example payload:
<mark style="background: #FFF3A3A6;">Some title</mark>
Preserving the markup as opposed to escaping it would also be nice, but is more a nice to have.
Been having the same problem for a while now, so thanks for opening this issue.
Currently working on a fork for this, your regex is very helpful in this.
Also trying to squeeze in a fix for headings with internal links already in them.
If you do not use the clickable links option in aTOC, you can quite easily skip over the whole headache of sanitizing the headers for HTML. But it still causes a headache for other reasons and having clickable headers is part of the reason why I even use the plugin to begin with.
Hoping to have a somewhat fixed fork ready this week.
Finally finished the first revision of this.
When it comes to stripping HTML tags, I've made it completely optional.
I've also added an option to enable/disable Markdown links: [text](https://github.com/)
.
Both these options/rules are overridden by the pre-existing includeLinks
option.
Small overview of the new options:
allowStyleHTML: {
type: 'boolean',
default: false,
comment: 'When includeLinks is false, allows HTML styling for headings',
},
includeMarkdownLinks: {
type: 'boolean',
default: true,
comment: 'When includeLinks is false, allows Markdown links in headings',
},
I'm not quite sure what the "standard behaviour" should be when includeLinks
is disabled.
(Also the first revision is seriously buggy and full of unnecessary code. PR comes when I get enough time to clean it up a smidge.)
Edit: (24.12.23) added one more option:
showMarkdownLinksInLinks: {
type: 'boolean',
default: false,
comment: 'Allows Markdown links in headings when links are also enabled.',
},
Also still cleaning up the code.
Hello! HTML is now stripped in 1.3.1
Unfortunately I couldn't find a way to keep the formatting without impacting other features