Update comrak to 0.2.3, use ext_header_ids

Cargo.toml

@@ -54,8 +54,8 @@ serde_derive = "1.0.0"
 serde = "1.0.0"
 clippy = { version = "=0.0.162", optional = true }
 chrono = { version = "0.4.0", features = ["serde"] }
-comrak = { version = "0.1.9", default-features = false }
-ammonia = "0.7.0"
+comrak = { version = "0.2.3", default-features = false }
+ammonia = { git = "https://github.com/notriddle/ammonia" }
 docopt = "0.8.1"
 itertools = "0.6.0"
 lettre = "0.6"

app/controllers/crate/version.js

@@ -1,8 +1,9 @@
 import Controller from '@ember/controller';
 import PromiseProxyMixin from '@ember/object/promise-proxy-mixin';
 import ArrayProxy from '@ember/array/proxy';
-import { computed } from '@ember/object';
+import { computed, observer } from '@ember/object';
 import { later } from '@ember/runloop';
+import $ from 'jquery';
 import moment from 'moment';
 
 const NUM_VERSIONS = 5;
@@ -173,4 +174,8 @@ export default Controller.extend({
         },
     },
 
+    report: observer('crate.readme', function() {
+        setTimeout(() => $(window).trigger('hashchange'));
+    }),
+
 });

app/initializers/hashchange.js

@@ -0,0 +1,50 @@
+import $ from 'jquery';
+
+function decodeFragmentValue(hash) {
+    try {
+        return decodeURIComponent(hash.slice(1));
+    } catch(_) {
+        return '';
+    }
+}
+
+function findElementByFragmentName(document, name) {
+    if (name === '') {
+        return;
+    }
+
+    return document.getElementById(name) || document.getElementsByName(name)[0];
+}
+
+function hashchange() {
+    if (document.querySelector(':target')) {
+        return;
+    }
+
+    const hash = decodeFragmentValue(location.hash);
+    const target = findElementByFragmentName(document, `user-content-${hash}`);
+    if (target) {
+        target.scrollIntoView();
+    }
+}
+
+export function initialize() {
+    $(window).on('hashchange', hashchange);
+
+    // If clicking on a link to the same fragment as currently in the address bar,
+    // hashchange won't be fired, so we need to manually trigger rescroll.
+    $(document).on('a[href]', 'click', function(event) {
+        if (this.href === location.href && location.hash.length > 1) {
+            setTimeout(function() {
+                if (!event.defaultPrevented) {
+                    hashchange();
+                }
+            });
+        }
+    });
+}
+
+export default {
+    name: 'app.hashchange',
+    initialize
+};

src/render.rs

@@ -1,12 +1,12 @@
-use ammonia::Ammonia;
+use ammonia::Builder;
 use comrak;
 
 use util::CargoResult;
 
 /// Context for markdown to HTML rendering.
 #[allow(missing_debug_implementations)]
 pub struct MarkdownRenderer<'a> {
-    html_sanitizer: Ammonia<'a>,
+    html_sanitizer: Builder<'a>,
 }
 
 impl<'a> MarkdownRenderer<'a> {
@@ -53,8 +53,7 @@ impl<'a> MarkdownRenderer<'a> {
             .cloned()
             .collect();
         let tag_attributes = [
-            ("a", ["href", "target"].iter().cloned().collect()),
-            ("code", ["class"].iter().cloned().collect()),
+            ("a", ["href", "id", "target"].iter().cloned().collect()),
             (
                 "img",
                 ["width", "height", "src", "alt", "align"]
@@ -94,14 +93,13 @@ impl<'a> MarkdownRenderer<'a> {
         ].iter()
             .cloned()
             .collect();
-        let html_sanitizer = Ammonia {
-            link_rel: Some("nofollow noopener noreferrer"),
-            keep_cleaned_elements: true,
-            tags: tags,
-            tag_attributes: tag_attributes,
-            allowed_classes: allowed_classes,
-            ..Ammonia::default()
-        };
+        let mut html_sanitizer = Builder::new();
+        html_sanitizer
+            .link_rel(Some("nofollow noopener noreferrer"))
+            .tags(tags)
+            .tag_attributes(tag_attributes)
+            .allowed_classes(allowed_classes)
+            .id_prefix(Some("user-content-"));
         MarkdownRenderer {
             html_sanitizer: html_sanitizer,
         }
@@ -115,10 +113,11 @@ impl<'a> MarkdownRenderer<'a> {
             ext_table: true,
             ext_tagfilter: true,
             ext_tasklist: true,
+            ext_header_ids: Some("user-content-".to_string()),
             ..comrak::ComrakOptions::default()
         };
         let rendered = comrak::markdown_to_html(text, &options);
-        Ok(self.html_sanitizer.clean(&rendered))
+        Ok(self.html_sanitizer.clean(&rendered).to_string())
     }
 }
 
@@ -218,4 +217,24 @@ mod tests {
         let result = markdown_to_html(text).unwrap();
         assert_eq!(result, "<p>Hello World!</p>\n");
     }
+
+    #[test]
+    fn header_has_tags() {
+        let text = "# My crate\n\nHello, world!\n";
+        let result = markdown_to_html(text).unwrap();
+        assert_eq!(
+            result,
+            "<h1><a href=\"#my-crate\" id=\"user-content-my-crate\" rel=\"nofollow noopener noreferrer\"></a>My crate</h1>\n<p>Hello, world!</p>\n"
+        );
+    }
+
+    #[test]
+    fn manual_anchor_is_sanitized() {
+        let text = "<h1><a href=\"#my-crate\" id=\"my-crate\"></a>My crate</h1>\n<p>Hello, world!</p>\n";
+        let result = markdown_to_html(text).unwrap();
+        assert_eq!(
+            result,
+            "<h1><a href=\"#my-crate\" id=\"user-content-my-crate\" rel=\"nofollow noopener noreferrer\"></a>My crate</h1>\n<p>Hello, world!</p>\n"
+        );
+    }
 }