alfredo-ramos/parsedown-extra-laravel

A Parsedown Extra package for Laravel and Lumen

0.8.3 2018-09-24 18:03 UTC

README

About

A Parsedown Extra package for Laravel and Lumen

Build Status Latest Stable Version Code Quality Code Coverage License

Compatibility

Version Laravel Lumen Status
0.6.x 5.4.x N/A End of life
0.7.x 5.5.x 5.5.x End of life
0.8.x >= 5.5.x >= 5.5.x Active support

Installation

Open your composer.json file and add the package in the require object:

"alfredo-ramos/parsedown-extra-laravel": "^0.8.0"

Then run composer update on your terminal.

Laravel

Service providers and aliases will be registered automatically since Laravel 5.5.x, thanks to the new package auto-discovery.

Lumen

In your bootstrap\app.php file and register the service provider:

$app->register(AlfredoRamos\ParsedownExtra\ParsedownExtraServiceProvider::class);

Then register the facade alias:

$app->withFacades(true, [
	AlfredoRamos\ParsedownExtra\Facades\ParsedownExtra::class => 'Markdown'
]);

Usage

sample.blade.php

{!! Markdown::parse("Hello world") !!}
{!! Markdown::parse("[XSS link](javascript:alert('xss'))") !!}

The code above will print:

<p>Hello world</p>

<!-- HTML Purifier enabled -->
<p><a>XSS link</a></p>

<!-- HTML Purifier disabled -->
<p><a href="javascript:alert('xss')">XSS link</a></p>

For your convenience, the markdown() helper function is also available. It accepts the same parameters as the facade.

markdown('Hello world', ['purifier' => false])

For a live demo, go to Parsedown Extra Demo.

Configuration

HTML Purifier is used to filter the HTML output, protecting your application for insecure content. You can pass an array or a string that will be the key of the settings array in your configuration file.

To add new or edit the default options, run the following command to make a copy of the configuration file:

php artisan vendor:publish \
	--provider='AlfredoRamos\ParsedownExtra\ParsedownExtraServiceProvider' \
	--tag=config --force

Using a string

Markdown::parse('Hello world', ['config' => 'comments'])

Where comments is the key of the array settings.

return [
	'purifier'	=> [
		'enabled'	=> true,
		'settings'	=> [
			'default' => [...],
			'comments' => [...]
		]
	]
];

Using an array

Markdown::parse('[DuckDuckGo](https://duckduckgo.com/)', ['config' => [
	'URI.Host' => 'localhost',
	'URI.DisableExternal' => true
]])

For all configuration options see the official HTML Purifier config docs.

Using the default settings

Markdown::parse('Hello world!')
// Is the same as
Markdown::parse('Hello world!', ['config' => 'default'])

You can temporarily disable it by setting the option purifier to false:

Markdown::parse('Text', ['purifier' => false])

HTML Purifier can be disabled permanently in the config/parsedownextra.php file.