Module: alfresco/html/Markdown

alfresco/html/Markdown

A simple markdown rendering widget. This module uses Showdown to convert markdown to HTML. In order to prevent any malicious content from being added to the browser DOM, all generated HTML is passed through the "stripUnsafeHTML" function provided on the server by Surf. This does require an XHR call to made which may reduce rendering speed - but ensures that the widget is not prone to XSS style attacks.

It is possible to provide initial rendering via the markdown attribute and it is also possible to allow markdown to be dynamically updated by configuring one or more subscriptionTopics.

Since:
  • 1.0.53
Author:
  • Dave Draper
Copyright:
  • Copyright (C) 2005-2020 Alfresco Software Limited
License:
Source:

Examples

Simple markdown example:

{
  name: "alfresco/html/Markdown",
  config: {
    markdown: "# H1\n## H2"
  }
}

Example with subscription topics for dynamic updates:

{
  name: "alfresco/html/Markdown",
  config: {
    markdown: "# H1\n## H2",
    subscriptionTopics: ["UPDATE_MARKDOWN","CHANGE_CONTENT"]
  }
}

Extends

Mixes In

Members

_pendingMarkdown :string

This is used to store the last requested markdown update when a request is in progress to sanitize the HTML generated from the last markdown update request.
Type:
  • string
Default Value:
  • null
Source:

_requestInProgress :boolean

This boolean flag is used internally to indicate whether or not a request is currently being made to sanitize the HTML rendered for markdown provided. If this flag is set to true then markdown update requests will be stored assigned to _pendingMarkdown and will be converted to HTML and sanitized once the request in progress is made.
Type:
  • boolean
Default Value:
  • false
Source:

markdown :string

Some initial markdown content to convert to HTML.
Type:
  • string
Default Value:
  • null
Source:

subscriptionTopics :string[]

An array of topics to subscribe to that when published on will update the data. Payloads published on the topics must contain an attribute called 'markdown' in order to the requested data to be rendered.
Type:
  • string[]
Default Value:
  • null
Source:

templateString :String

The HTML template to use for the widget.
Type:
  • String
Source:

Methods

checkForPendingMarkdown()

This is called on both successful and failing attempts to sanitize the HTML rendered from the requested markdown. It resets the _requestInProgress flag so that calls to updateMarkdown can be processed. If data has been stored in _pendingMarkdown from a request that was made whilst the last markdown request was being sanitized then that data will be passed to updateMarkdown.
Source:

onMarkdownUpdate(payload)

Handles requests to render new markdown that are provided through the publication on a topic defined within the subscriptionTopics.
Parameters:
Name Type Description
payload object A payload containing a 'markdown' attribute with the markdown to convert to HTML
Source:

postCreate()

Subscribes to any subscriptionTopics, initializes the markdown converter and if any markdown has been initially provided calls updateMarkdown to render and sanitize the HTML for it.
Source:

sanitizeFailure(response, originalRequestConfig)

This function is called when requests to sanitize the HTML generated from markdown cannot be processed. It simply outputs a warning. Nothing is updated.
Parameters:
Name Type Description
response object The reponse of the request to sanitize the converted markdown.
originalRequestConfig object The configuration used to make the sanitize XHR request.
Source:

sanitizeSuccess(response, originalRequestConfig)

Parameters:
Name Type Description
response object The reponse of the request to sanitize the converted markdown.
originalRequestConfig object The configuration used to make the sanitize XHR request.
Source:

updateMarkdown(markdown)

Converts the supplied markdown into HTML and then makes an XHR request to Surf to sanitize the generated HTML of any malicious content in order to prevent XSS-style attacks.
Parameters:
Name Type Description
markdown string The markdown to convert to HTML
Source: