Browse Source

some typos

I tried to keep out personal taste.
pull/95/head
Tobias Bengfort 10 years ago
parent
commit
92d23bc926
  1. 24
      docs/development.md
  2. 8
      docs/security.md

24
docs/development.md

@ -1,6 +1,6 @@
# Development recommendations
Prior to continue, make sure you've readed:
Prior to continue, make sure you've read:
1. [README](https://github.com/markdown-it/markdown-it#markdown-it)
2. [API documentation](https://markdown-it.github.io/markdown-it/)
@ -9,19 +9,19 @@ Prior to continue, make sure you've readed:
## General considerations for plugins.
1. Try to understand, where your plugin rule sould be located.
1. Try to understand where your plugin rule sould be located.
- Will it conflict with existing markup (by priority)?
- If yes - you need to write inline or block rule.
- If no - you can morth tokens in core chain.
- Remember, that tokens morphing in core is always more simple than writing
block / inline rules (if you don't copy existing one). However,
- If yes - you need to write an inline or block rule.
- If no - you can morph tokens in core chain.
- Remember that token morphing in core is always more simple than writing
block / inline rules (if you don't copy existing ones). However,
block & inline rules are usually faster.
- Sometime it's enougth to modify renderer only (for example, to add
header IDs or `target="_blank"` for the links).
2. Search existing
[plugins](https://www.npmjs.org/browse/keyword/markdown-it-plugin)
or [rules](https://github.com/markdown-it/markdown-it/tree/master/lib),
doing something similar. It can me more simple to modify existing code,
doing something similar. It can be more simple to modify existing code,
instead of writing all from scratch.
3. If you did all steps above, but still has questions - ask in
[tracker](https://github.com/markdown-it/markdown-it/issues). But, please:
@ -52,7 +52,7 @@ can use workarounds:
3. Render content and replace those random numbers with text
(or replace first, then render).
Or you can render html, then parse is to DOM (or
Or you can render html, then parse it to DOM (or
[cheerio](https://github.com/cheeriojs/cheerio) AST) and apply transformations
in more convenient way.
@ -69,17 +69,17 @@ __Note.__ Don't try to replace text with html markup! That's not secure.
#### Why my inline rule is not executed?
Inline parser skips peases of texts for the best speed. It stops only on [small set of chars](https://github.com/markdown-it/markdown-it/blob/master/lib/rules_inline/text.js), which can be tokens. We did not made this list extendable, also for performance reasons.
The inline parser skips pieces of texts for the best speed. It stops only on [a small set of chars](https://github.com/markdown-it/markdown-it/blob/master/lib/rules_inline/text.js), which can be tokens. We did not made this list extendable, also for performance reasons.
If you are absolutely sure, that something important is missed there - create a
If you are absolutely sure that something important is missing there - create a
ticket and we will consider adding new charcodes.
#### Why do you reject some useful things?
We do markdown parser. It should keep "markdown spirit". Other things should
We do a markdown parser. It should keep "markdown spirit". Other things should
be kept separate (in plugins, for example). We have no clear criteria, sorry.
Probably, you will find useful to read [CommonMark forum](http://talk.commonmark.org/) to understand us better.
Probably, you will find [CommonMark forum](http://talk.commonmark.org/) useful to read to understand us better.
Of cause, if you find architecture of this parser interesting for another type
of markup - you are welcome to reuse it in another project.

8
docs/security.md

@ -1,8 +1,8 @@
# Security
Many people don't understand, that markdown format does not care much about
Many people don't understand that markdown format does not care much about
security. In many cases you have to pass output to sanitizers. `markdown-it`
provides 2 possible stategies, to produce safe output:
provides 2 possible stategies to produce safe output:
1. Don't enable HTML. Extend markup features with [plugins](https://www.npmjs.org/browse/keyword/markdown-it-plugin). We think it's the best choice and use it by default.
- That's ok for 99% of user needs.
@ -31,5 +31,5 @@ But there is one non-evident case you should know - don't allow plugins to
generate arbitrary element `id` and `name`. If those depend on user input -
always add prefixes to avoid DOM clobbering. See [discussion](https://github.com/markdown-it/markdown-it/issues/28) for details.
So, if you decide to use plugins, adding extended classes syntax or
autogenerating headers anchors - be careful.
So, if you decide to use plugins that add extended class syntax or
autogenerating header anchors - be careful.

Loading…
Cancel
Save