jekyll-mathjax-csp 1.0.2 → 1.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/README.md +44 -1
- data/lib/jekyll-mathjax-csp.rb +39 -6
- metadata +13 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: dedff31478ba8e4a3d89caa8bd3072675854d5bffc3fc1790edb858989c43df0
|
|
4
|
+
data.tar.gz: bc1fd6b656b99bdcbbda7fe8b4c50e91b5cb18844f1cd18956ed61d2a5c17c5a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ca949bdb1aace4ed3a54012802a0b4b860d319c7dc6bfc13a2b35a31fee0b876c25a7f95d62b1f0abdd23f8c2fafc0402e77f8f8d5b70cc66781289e42a0e6e9
|
|
7
|
+
data.tar.gz: 4b36d5a66c71d7decfeeac1845a3745dfa1e3f15e38312f23c957b437f33a628247895a09a4e46e527c2bfac5627a49d3156635a7453b6e8ae45a4dc852f748a
|
data/README.md
CHANGED
|
@@ -45,6 +45,24 @@ The plugin runs the output of Jekyll's markdown parser [kramdown](http://kramdow
|
|
|
45
45
|
|
|
46
46
|
## Configuration
|
|
47
47
|
|
|
48
|
+
The following fields can be set in `_config.yml`; their default values are given in the sample below.
|
|
49
|
+
|
|
50
|
+
```yaml
|
|
51
|
+
mathjax_csp:
|
|
52
|
+
linebreaks: false
|
|
53
|
+
single_dollars: false
|
|
54
|
+
format: AsciiMath,TeX,MathML
|
|
55
|
+
font: TeX
|
|
56
|
+
semantics: false
|
|
57
|
+
notexthints: false
|
|
58
|
+
output: SVG
|
|
59
|
+
eqno: none
|
|
60
|
+
ex_size: 6
|
|
61
|
+
width: 100
|
|
62
|
+
extensions: ""
|
|
63
|
+
font_url: "https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.2/fonts/HTML-CSS"
|
|
64
|
+
strip_css: false
|
|
65
|
+
```
|
|
48
66
|
'mathjax-node-page' adds a fixed inline stylesheet to every page containing math. If you want to serve this stylesheet as an external `.css`, you can advise the plugin to strip it from the output by adding the following lines to your `_config.yml`:
|
|
49
67
|
|
|
50
68
|
```yaml
|
|
@@ -52,6 +70,23 @@ mathjax_csp:
|
|
|
52
70
|
strip_css: true
|
|
53
71
|
```
|
|
54
72
|
|
|
73
|
+
Configuration for 'mathjax-node-page' is also available:
|
|
74
|
+
|
|
75
|
+
| Key | Description | Default |
|
|
76
|
+
| ---------------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
|
|
77
|
+
| `linebreaks` | Perform automatic line-breaking | `false` |
|
|
78
|
+
| `single_dollars` | Allow single-dollar delimiters for inline math | `false` |
|
|
79
|
+
| `format` | Input format(s) to look for | `AsciiMath,TeX,MathML` |
|
|
80
|
+
| `font` | Web font to use in SVG output | `TeX` |
|
|
81
|
+
| `semantics` | For TeX or Asciimath source and MathML output, add input in `<semantics>` tag | `false` |
|
|
82
|
+
| `notexthints` | For TeX input and MathML output, don't add TeX-specific classes | `false` |
|
|
83
|
+
| `output` | Output format: SVG, CommonHTML, or MML | `SVG` |
|
|
84
|
+
| `eqno` | Equation number style (none, AMS, or all) | `none` |
|
|
85
|
+
| `ex_size` | Ex-size, in pixels | `6` |
|
|
86
|
+
| `width` | Width of equation container in `ex`. Used for line-breaking | `100` |
|
|
87
|
+
| `extensions` | Extra MathJax extensions (e.g. `Safe,Tex/noUndefined`) | `""` |
|
|
88
|
+
| `font_url` | URL to use for web fonts | `https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.2/fonts/HTML-CSS` |
|
|
89
|
+
|
|
55
90
|
## Local testing
|
|
56
91
|
|
|
57
92
|
If you want to try out your CSP locally, you can specify headers in your `_config.yml`:
|
|
@@ -63,7 +98,15 @@ webrick:
|
|
|
63
98
|
default-src 'none'; script-src ...
|
|
64
99
|
```
|
|
65
100
|
|
|
66
|
-
It is unfortunately not possible to have Liquid tags in `_config.yml`, so you will have to update your CSP manually. Don't forget to restart `jekyll` for it to pick up the config changes.
|
|
101
|
+
It is unfortunately not possible to have Liquid tags in `_config.yml`, so with this approach, you will have to update your CSP manually. Don't forget to restart `jekyll` for it to pick up the config changes.
|
|
102
|
+
|
|
103
|
+
Another possibility is using a [`meta` tag with `http-equiv`](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta#attr-http-equiv), placed in your pages' `<head>` element:
|
|
104
|
+
|
|
105
|
+
```html
|
|
106
|
+
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src ...">
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
Note that this cannot be used with frame-ancestors, report-uri, or sandbox.
|
|
67
110
|
|
|
68
111
|
## License
|
|
69
112
|
|
data/lib/jekyll-mathjax-csp.rb
CHANGED
|
@@ -31,7 +31,6 @@ require "jekyll"
|
|
|
31
31
|
|
|
32
32
|
require "digest"
|
|
33
33
|
require "open3"
|
|
34
|
-
require "securerandom"
|
|
35
34
|
require "set"
|
|
36
35
|
|
|
37
36
|
module Jekyll
|
|
@@ -39,7 +38,26 @@ module Jekyll
|
|
|
39
38
|
# Run Jekyll documents through mathjax-node-page, transform style attributes into inline style
|
|
40
39
|
# tags and compute their hashes
|
|
41
40
|
class Mathifier
|
|
42
|
-
MATH_TAG_REGEX =
|
|
41
|
+
MATH_TAG_REGEX = /(<script[^>]*type="math\/tex|\\\[.*\\\]|\\\(.*\\\))/im
|
|
42
|
+
|
|
43
|
+
FIELDS = {
|
|
44
|
+
"format" => "--format",
|
|
45
|
+
"font" => "--font",
|
|
46
|
+
"ouput" => "--output",
|
|
47
|
+
"equation_number" => "--eqno",
|
|
48
|
+
"output" => "--output",
|
|
49
|
+
"eqno" => "--eqno",
|
|
50
|
+
"ex_size" => "--ex",
|
|
51
|
+
"width" => "--width",
|
|
52
|
+
"extensions" => "--extensions",
|
|
53
|
+
"font_url" => "--fontURL"
|
|
54
|
+
}
|
|
55
|
+
FLAGS = {
|
|
56
|
+
"linebreaks" => "--linebreaks",
|
|
57
|
+
"single_dollars" => "--dollars",
|
|
58
|
+
"semantics" => "--semantics",
|
|
59
|
+
"notexthints" => "--notexthints"
|
|
60
|
+
}
|
|
43
61
|
|
|
44
62
|
class << self
|
|
45
63
|
attr_accessor :csp_hashes
|
|
@@ -79,11 +97,26 @@ module Jekyll
|
|
|
79
97
|
end
|
|
80
98
|
|
|
81
99
|
# Run mathjax-node-page on a String containing an HTML doc
|
|
82
|
-
def run_mjpage(output)
|
|
100
|
+
def run_mjpage(config, output)
|
|
83
101
|
mathified = ""
|
|
84
102
|
exit_status = 0
|
|
103
|
+
|
|
104
|
+
command = "node_modules/mathjax-node-page/bin/mjpage"
|
|
105
|
+
|
|
106
|
+
FIELDS.each do |name, flag|
|
|
107
|
+
unless config[name].nil?
|
|
108
|
+
command << " " << flag << " " << config[name].to_s
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
FLAGS.each do |name, flag|
|
|
113
|
+
unless config[name].nil?
|
|
114
|
+
command << " " << flag
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
|
|
85
118
|
begin
|
|
86
|
-
Open3.popen2(
|
|
119
|
+
Open3.popen2(command) {|i,o,t|
|
|
87
120
|
i.print output
|
|
88
121
|
i.close
|
|
89
122
|
o.each {|line|
|
|
@@ -111,7 +144,7 @@ module Jekyll
|
|
|
111
144
|
Jekyll.logger.abort_with "", "due to a misconfiguration or server-side style injection."
|
|
112
145
|
end
|
|
113
146
|
|
|
114
|
-
mjpage_output = run_mjpage(doc.output)
|
|
147
|
+
mjpage_output = run_mjpage(config, doc.output)
|
|
115
148
|
parsed_doc = Nokogiri::HTML::Document.parse(mjpage_output)
|
|
116
149
|
last_child = parsed_doc.at_css("head").last_element_child()
|
|
117
150
|
if last_child.name == "style"
|
|
@@ -186,7 +219,7 @@ end
|
|
|
186
219
|
# single <style> element
|
|
187
220
|
Jekyll::Hooks.register [:documents, :pages], :post_render do |doc|
|
|
188
221
|
if Jekyll::Mathifier.mathable?(doc)
|
|
189
|
-
Jekyll::Mathifier.mathify(doc, doc.site.config["mathjax_csp"])
|
|
222
|
+
Jekyll::Mathifier.mathify(doc, doc.site.config["mathjax_csp"] || {})
|
|
190
223
|
end
|
|
191
224
|
end
|
|
192
225
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jekyll-mathjax-csp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Fabian Henneke
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-05-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: html-pipeline
|
|
@@ -16,28 +16,34 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '2.
|
|
19
|
+
version: '2.12'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '2.
|
|
26
|
+
version: '2.12'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: jekyll
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
33
|
version: '3.0'
|
|
34
|
+
- - "<"
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: '5.0'
|
|
34
37
|
type: :runtime
|
|
35
38
|
prerelease: false
|
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
40
|
requirements:
|
|
38
|
-
- - "
|
|
41
|
+
- - ">="
|
|
39
42
|
- !ruby/object:Gem::Version
|
|
40
43
|
version: '3.0'
|
|
44
|
+
- - "<"
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '5.0'
|
|
41
47
|
description: Server-side MathJax rendering for Jekyll with a strict CSP
|
|
42
48
|
email: fabian@henneke.me
|
|
43
49
|
executables: []
|
|
@@ -66,8 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
66
72
|
- !ruby/object:Gem::Version
|
|
67
73
|
version: '0'
|
|
68
74
|
requirements: []
|
|
69
|
-
|
|
70
|
-
rubygems_version: 2.6.13
|
|
75
|
+
rubygems_version: 3.0.3
|
|
71
76
|
signing_key:
|
|
72
77
|
specification_version: 4
|
|
73
78
|
summary: Server-side MathJax & CSP for Jekyll
|