AlfredoRamos / parsedown-extra-laravel by AlfredoRamos

A Parsedown Extra package for Laravel and Lumen
101,266
24
3
Package Data
Maintainer Username: AlfredoRamos
Maintainer Contact: alfredo.ramos@yandex.com (Alfredo Ramos)
Package Create Date: 2015-01-14
Package Last Update: 2021-02-10
Home Page:
Language: PHP
License: GPL-3.0-or-later
Last Refreshed: 2021-04-06 03:18:56
Package Statistics
Total Downloads: 101,266
Monthly Downloads: 2,749
Daily Downloads: 27
Total Stars: 24
Total Watchers: 3
Total Forks: 0
Total Open Issues: 0

About

A Parsedown Extra package for Laravel and Lumen

Build Status Latest Stable Version Code Quality Code Coverage License

Compatibility

Version | Laravel | Lumen | Status :------:|:--------:|:--------:|:-------------: 0.6.x | 5.4.x | N/A | End of life 0.7.x | 5.5.x | 5.5.x | End of life 0.8.x | >= 5.5.x | >= 5.5.x | Active support

Installation

Open your composer.json file and add the package in the require object:

"alfredo-ramos/parsedown-extra-laravel": "^0.8.0"

Then run composer update on your terminal.

Laravel

Service providers and aliases will be registered automatically since Laravel 5.5.x, thanks to the new package auto-discovery.

Lumen

In your bootstrap\app.php file and register the service provider:

$app->register(AlfredoRamos\ParsedownExtra\ParsedownExtraServiceProvider::class);

Then register the facade alias:

$app->withFacades(true, [
	AlfredoRamos\ParsedownExtra\Facades\ParsedownExtra::class => 'Markdown'
]);

Usage

sample.blade.php

{!! Markdown::parse("Hello world") !!}
{!! Markdown::parse("[XSS link](https://github.com/AlfredoRamos/parsedown-extra-laravel/blob/master/javascript:alert('xss'))") !!}

The code above will print:

<p>Hello world</p>

<!-- HTML Purifier enabled -->
<p><a>XSS link</a></p>

<!-- HTML Purifier disabled -->
<p><a href="javascript:alert('xss')">XSS link</a></p>

For your convenience, the markdown() helper function is also available. It accepts the same parameters as the facade.

markdown('Hello world', ['purifier' => false])

For a live demo, go to Parsedown Extra Demo.

Configuration

HTML Purifier is used to filter the HTML output, protecting your application for insecure content. You can pass an array or a string that will be the key of the settings array in your configuration file.

To add new or edit the default options, run the following command to make a copy of the configuration file:

php artisan vendor:publish \
	--provider='AlfredoRamos\ParsedownExtra\ParsedownExtraServiceProvider' \
	--tag=config --force

Using a string

Markdown::parse('Hello world', ['config' => 'comments'])

Where comments is the key of the array settings.

return [
	'purifier'	=> [
		'enabled'	=> true,
		'settings'	=> [
			'default' => [...],
			'comments' => [...]
		]
	]
];

Using an array

Markdown::parse('[DuckDuckGo](https://duckduckgo.com/)', ['config' => [
	'URI.Host' => 'localhost',
	'URI.DisableExternal' => true
]])

For all configuration options see the official HTML Purifier config docs.

Using the default settings

Markdown::parse('Hello world!')
// Is the same as
Markdown::parse('Hello world!', ['config' => 'default'])

You can temporarily disable it by setting the option purifier to false:

Markdown::parse('Text', ['purifier' => false])

HTML Purifier can be disabled permanently in the config/parsedownextra.php file.