Skip to content

Add support for data-canonical-src in content editor links + add tests

Himanshu Kapoor requested to merge original-url-tests-markdown into master

What does this MR do?

This MR builds upon the work of !64032 (merged) (which is the target branch currently). Here's a description of what the original MR does:

When rendering Markdown using the various Markdown endpoints in the application, the URL specified in the Markdown source is transformed by the Markdown rendering pipeline for several purposes: security, resolving a URL for rendering, etc. The original URL, as stored in the Markdown source, is lost after this transformation.

This Merge Request preserves the original URL, as stored in the source, in the data-canonical-src attribute. The purpose is allowing the Content Editor to re-generate the image or link definition in the client when serializing the HTML back to Markdown.

This MR:

  • Adds support for data-canonical-src in all links in content editor, and
  • Adds a context attribute to our api_markdown.yml file, which allows you to define a context in which the markdown should be processed. For now we have four contexts: groups, projects, group wikis and project wikis. The output of the resulting markdown may be same (or similar), but keeping these contexts separate makes room for future tests where we add more cases like relative URLs, mentions, issue and MR references.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Himanshu Kapoor

Merge request reports

Loading