From 19cca8f0d66f1333497729dcb679ce3f49fdc504 Mon Sep 17 00:00:00 2001
From: Matthew Scragg <scragg@gmail.com>
Date: Thu, 10 Oct 2013 12:26:42 -0500
Subject: [PATCH] markdown tables, sanitize mode off unless collaboration
 active

---
 realms/__init__.py              |  3 ++-
 realms/static/js/dillinger.js   | 12 +-----------
 realms/static/js/wmd.js         |  6 +++---
 realms/static/packed-common.js  | 10 +++++++---
 realms/templates/page/edit.html |  9 +++++++--
 5 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/realms/__init__.py b/realms/__init__.py
index 2ba152d..94a36a1 100644
--- a/realms/__init__.py
+++ b/realms/__init__.py
@@ -102,7 +102,7 @@ def validate_captcha():
 def format_subdomain(s):
     s = s.lower()
     s = to_canonical(s)
-    if s in ['www']:
+    if s in ['www', 'api']:
         # Not allowed
         s = ""
     return s
@@ -145,6 +145,7 @@ def create_app(subdomain=None):
                        'vendor/components-bootstrap/js/bootstrap.js',
                        'vendor/handlebars/handlebars.js',
                        'vendor/showdown/src/showdown.js',
+                       'vendor/showdown/src/extensions/table.js',
                        'js/wmd.js',
                        filters='closure_js'),
                 'js/html-sanitizer-minified.js',
diff --git a/realms/static/js/dillinger.js b/realms/static/js/dillinger.js
index f2d19bb..6fc17d2 100644
--- a/realms/static/js/dillinger.js
+++ b/realms/static/js/dillinger.js
@@ -458,17 +458,7 @@ $(function(){
             .html('') // unnecessary?
             .html(md);
 
-        refreshWordCount();
-    }
-
-    function refreshWordCount(selectionCount){
-        var msg = "Words: ";
-        if (selectionCount !== undefined) {
-            msg += selectionCount + " of ";
-        }
-        if (profile.wordcount) {
-            $wordcounter.text(msg + countWords(getTextInElement($preview[0])));
-        }
+        //refreshWordCount();
     }
 
     /**
diff --git a/realms/static/js/wmd.js b/realms/static/js/wmd.js
index d142347..15659f7 100644
--- a/realms/static/js/wmd.js
+++ b/realms/static/js/wmd.js
@@ -32,7 +32,7 @@ WMD.convert = function(content, options) {
     var doc = {raw: content, markdown: content};
     var opt = WMD.readOptions(options);
     WMD.preprocess(doc, opt);
-    doc.html = WMD.processor(doc.markdown);
+    doc.html = WMD.processor(doc.markdown, true);
     WMD.postprocess(doc, opt);
     doc.toString = function () {
         return doc.html;
@@ -52,8 +52,8 @@ function gsub(str, re, fn, /*optional*/newstr) {
     }
     return newstr + str;
 }
-
-WMD.processor = new Showdown.converter().makeHtml;
+WMD.showdown = new Showdown.converter({extensions: ['table']});
+WMD.processor = WMD.showdown.makeHtml;
 
 WMD.preprocessors = {
 
diff --git a/realms/static/packed-common.js b/realms/static/packed-common.js
index 3629d69..b00458a 100644
--- a/realms/static/packed-common.js
+++ b/realms/static/packed-common.js
@@ -508,9 +508,13 @@ end;i++){var str=grafs[i];if(str.search(/~K(\d+)K/g)>=0)grafsOut.push(str);else
 return text};var _EncodeEmailAddress=function(addr){var encode=[function(ch){return"&#"+ch.charCodeAt(0)+";"},function(ch){return"&#x"+ch.charCodeAt(0).toString(16)+";"},function(ch){return ch}];addr="mailto:"+addr;addr=addr.replace(/./g,function(ch){if(ch=="@")ch=encode[Math.floor(Math.random()*2)](ch);else if(ch!=":"){var r=Math.random();ch=r>0.9?encode[2](ch):r>0.45?encode[1](ch):encode[0](ch)}return ch});addr='<a href="'+addr+'">'+addr+"</a>";addr=addr.replace(/">.+:/g,'">');return addr};var _UnescapeSpecialChars=
 function(text){text=text.replace(/~E(\d+)E/g,function(wholeMatch,m1){var charCodeToReplace=parseInt(m1);return String.fromCharCode(charCodeToReplace)});return text};var _Outdent=function(text){text=text.replace(/^(\t|[ ]{1,4})/gm,"~0");text=text.replace(/~0/g,"");return text};var _Detab=function(text){text=text.replace(/\t(?=\t)/g,"    ");text=text.replace(/\t/g,"~A~B");text=text.replace(/~B(.+?)~A/g,function(wholeMatch,m1,m2){var leadingText=m1;var numSpaces=4-leadingText.length%4;for(var i=0;i<
 numSpaces;i++)leadingText+=" ";return leadingText});text=text.replace(/~A/g,"    ");text=text.replace(/~B/g,"");return text};var escapeCharacters=function(text,charsToEscape,afterBackslash){var regexString="(["+charsToEscape.replace(/([\[\]\\])/g,"\\$1")+"])";if(afterBackslash)regexString="\\\\"+regexString;var regex=new RegExp(regexString,"g");text=text.replace(regex,escapeCharacters_callback);return text};var escapeCharacters_callback=function(wholeMatch,m1){var charCodeToEscape=m1.charCodeAt(0);
-return"~E"+charCodeToEscape+"E"}};if(typeof module!=="undefined")module.exports=Showdown;if(typeof define==="function"&&define.amd)define("showdown",function(){return Showdown});function escapeHtml(s){s=""+s;s=s.replace(/&/g,"&amp;");s=s.replace(/</g,"&lt;");s=s.replace(/>/g,"&gt;");s=s.replace(/"/g,"&quot;");s=s.replace(/'/g,"&#39;");return s}var WMD={};
-WMD.convert=function(content,options){var doc={raw:content,markdown:content};var opt=WMD.readOptions(options);WMD.preprocess(doc,opt);doc.html=WMD.processor(doc.markdown);WMD.postprocess(doc,opt);doc.toString=function(){return doc.html};return doc};function gsub(str,re,fn,newstr){newstr=newstr||"";var match=re.exec(str);if(match){newstr+=str.slice(0,match.index);newstr+=fn.apply(null,match);remaining=str.slice(match.index+match[0].length);return gsub(remaining,re,fn,newstr)}return newstr+str}
-WMD.processor=(new Showdown.converter).makeHtml;
+return"~E"+charCodeToEscape+"E"}};if(typeof module!=="undefined")module.exports=Showdown;if(typeof define==="function"&&define.amd)define("showdown",function(){return Showdown});
+(function(){var table=function(converter){var tables={},style="",filter;tables.th=function(header){if(header.trim()==="")return"";var id=header.trim().replace(/ /g,"_").toLowerCase();return'<th id="'+id+'" style="'+style+'">'+header+"</th>"};tables.td=function(cell){return'<td style="'+style+'">'+converter.makeHtml(cell)+"</td>"};tables.ths=function(){var out="",i=0,hs=[].slice.apply(arguments);for(i;i<hs.length;i+=1)out+=tables.th(hs[i])+"\n";return out};tables.tds=function(){var out="",i=0,ds=[].slice.apply(arguments);
+for(i;i<ds.length;i+=1)out+=tables.td(ds[i])+"\n";return out};tables.thead=function(){var out,i=0,hs=[].slice.apply(arguments);out="<thead>\n";out+="<tr>\n";out+=tables.ths.apply(this,hs);out+="</tr>\n";out+="</thead>\n";return out};tables.tr=function(){var out,i=0,cs=[].slice.apply(arguments);out="<tr>\n";out+=tables.tds.apply(this,cs);out+="</tr>\n";return out};filter=function(text){var i=0,lines=text.split("\n"),tbl=[],line,hs,rows,out=[];for(i;i<lines.length;i+=1){line=lines[i];if(line.trim().match(/^[|]{1}.*[|]{1}$/)){line=
+line.trim();tbl.push('<table class="table table-bordered">');hs=line.substring(1,line.length-1).split("|");tbl.push(tables.thead.apply(this,hs));line=lines[++i];if(!line.trim().match(/^[|]{1}[-=| ]+[|]{1}$/))line=lines[--i];else{line=lines[++i];tbl.push("<tbody>");while(line.trim().match(/^[|]{1}.*[|]{1}$/)){line=line.trim();tbl.push(tables.tr.apply(this,line.substring(1,line.length-1).split("|")));line=lines[++i]}tbl.push("</tbody>");tbl.push("</table>");out.push(tbl.join("\n"));tbl=[];continue}}out.push(line)}return out.join("\n")};
+return[{type:"lang",filter:filter}]};if(typeof window!=="undefined"&&window.Showdown&&window.Showdown.extensions)window.Showdown.extensions.table=table;if(typeof module!=="undefined")module.exports=table})();function escapeHtml(s){s=""+s;s=s.replace(/&/g,"&amp;");s=s.replace(/</g,"&lt;");s=s.replace(/>/g,"&gt;");s=s.replace(/"/g,"&quot;");s=s.replace(/'/g,"&#39;");return s}var WMD={};
+WMD.convert=function(content,options){var doc={raw:content,markdown:content};var opt=WMD.readOptions(options);WMD.preprocess(doc,opt);doc.html=WMD.processor(doc.markdown,true);WMD.postprocess(doc,opt);doc.toString=function(){return doc.html};return doc};
+function gsub(str,re,fn,newstr){newstr=newstr||"";var match=re.exec(str);if(match){newstr+=str.slice(0,match.index);newstr+=fn.apply(null,match);remaining=str.slice(match.index+match[0].length);return gsub(remaining,re,fn,newstr)}return newstr+str}WMD.showdown=new Showdown.converter({extensions:["table"]});WMD.processor=WMD.showdown.makeHtml;
 WMD.preprocessors={underscores:function(doc){doc.markdown=gsub(doc.markdown,/(^(?! {4}|\t)\w+_\w+_\w[\w_]*)/,function(match){var count=0;for(var i=0;i<match.length;i++)if(match[i]=="_")count++;if(count===2)return match.replace(/_/g,"\\_");return match});return doc},metadata:function(doc){var key;var lines=doc.markdown.split("\n");doc.metadata={};while(lines.length){var match=/^(\S+):\s+(.*)$/.exec(lines[0]);if(match){var key=match[1];doc.metadata[key]=match[2];lines.shift()}else{var continued_value=
 /^\s+(.+)$/.exec(lines[0]);if(/^\s*$/.exec(lines[0]))lines.shift();else if(continued_value&&key){doc.metadata[key]+="\n"+continued_value[1];lines.shift()}else break}}doc.markdown=lines.join("\n");return doc},fencedCodeBlocksHighlightJS:function(doc){var re1=/```([A-Za-z]+)\s*([\s\S]+?)```/;var re2=/```\s*([\s\S]+?)```/;var block;while(block=re1.exec(doc.markdown)||re2.exec(doc.markdown)){var pre;if(block.length===3){pre='<pre style="padding:0;"><code class="'+escapeHtml(block[1])+'">';if(block[1]in
 hljs.LANGUAGES)pre+=hljs.highlight(block[1],block[2]).value;else pre+=escapeHtml(block[2]);pre+="</code></pre>"}else pre='<pre style="padding:0;"><code class="no-highlight">'+escapeHtml(block[1])+"</code></pre>";doc.markdown=doc.markdown.substr(0,block.index)+pre+doc.markdown.substr(block.index+block[0].length)}return doc}};WMD.postprocessors={};
diff --git a/realms/templates/page/edit.html b/realms/templates/page/edit.html
index a838979..1f96e06 100644
--- a/realms/templates/page/edit.html
+++ b/realms/templates/page/edit.html
@@ -8,6 +8,7 @@
             $("#start-togetherjs").click(function(){
                 $(this).prop('disabled', true).html("Loading");
             });
+            MDR.sanitize = false;
         });
         TogetherJSConfig_toolName = "Collaboration";
         TogetherJSConfig_suppressJoinConfirmation = true;
@@ -21,10 +22,11 @@
 
         TogetherJSConfig_on_ready = function () {
             MDR.sanitize = true;
+            $("#preview").html('');
            $("#start-togetherjs").addClass('btn-danger').html('End Collaboration').prop('disabled', false);
         };
         TogetherJSConfig_on_close = function () {
-            MDR.sanitize = null;
+            MDR.sanitize = false;
             $("#start-togetherjs").removeClass('btn-danger').html('Collaborate').prop('disabled', false);
         };
 
@@ -50,7 +52,10 @@
     <div id="app-wrap" class="container-fluid">
         <div id="app-controls" class="row">
             <div class="col-xs-3">
-                <input id="page-name" type="text" class="form-control input-sm" name="name" placeholder="Name" value="{{- name -}}" />
+                <div class="input-group">
+                    <span class="input-group-addon btn-info input-sm">realms.io/</span>
+                    <input id="page-name" type="text" class="form-control input-sm" name="name" placeholder="Name" value="{{- name -}}" />
+                </div>
             </div>
             <div class="col-xs-3">
                 <input id="page-message" type="text" class="form-control input-sm" name="page-message" placeholder="Comment" value="" />