Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parsing error while using Mermaid diagrams with annotations #154

Open
plbonneville opened this issue Sep 5, 2023 · 2 comments
Open

Parsing error while using Mermaid diagrams with annotations #154

plbonneville opened this issue Sep 5, 2023 · 2 comments

Comments

@plbonneville
Copy link

When using Mermaid diagrams with annotations on classes, for example <<interface>>, an error is thrown.

This is due to the fact that the parser is not able to parse the annotation.

classDiagram
class Shape
<<interface>> Shape
Shape : noOfVertices
Shape : draw()
Loading

Removing safeHTML in render-codeblock-mermaid.html fixes the issue.

<div class="mermaid">
    {{- .Inner | safeHTML }}
</div>
{{ .Page.Store.Set "hasMermaid" true }}

<div class="mermaid">
    {{- .Inner }}
</div>
{{ .Page.Store.Set "hasMermaid" true }}
@joshed-io
Copy link
Owner

@plbonneville Thanks for opening the issue. Let me see who added that code and if it's safe to remove the safeHTML part.

@davidovich
Copy link
Contributor

@dzello That would be me :-), and mermaid support was added by taking inspiration from https://gohugo.io/content-management/diagrams/#mermaid-diagrams where safeHTML is suggested. Since the input to this codeblock is user defined, I guess we could be ok to remove it. It essentially means that we need to understand what would be the attack vector if we were to remove it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joshed-io @davidovich @plbonneville