Markdown Redmine

Posted on  by admin

Feature #20497

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Text formatting
Target version:Candidate for next major release
Resolution:

A powerful online table generator and editor that converts between csv, html and markdown. Easy to convert html tables to sql, json, xml, excel, latex tables and text, making the table easier to use. Convert Textile to Markdown contents in Redmin. GitHub Gist: instantly share code, notes, and snippets. Skip to content. All gists Back to GitHub. Sign in Sign up Instantly share code, notes, and snippets. D3j / redminetextile2md.rb forked from yuumi3/redminetextile2md.rb. Last active Oct 26, 2015. Star 0 Fork 0; Code Revisions 6.

Description

As discussed in #15520#note-16 currently HTML is disabled. This brings several important issues which need to be addressed:

  • Markdown without HTML is not any more Markdown, but rather a very limited flavour
  • because it's a flavour, it needs to be named differently (according to John Gruber)
  • users of CKEditor (or similar) can't easily migrate
  • Redmine is very often deployed on non-public networks and thus using HTML is quite safe
Redmine markdown syntax

The easiest solution would be to introduce 2 formatting options instead of one:

1. 'Markdown (with HTML)'
1. 'Markdown (without HTML)'

Also, there would need to be two different markup manuals (a modern variant based on side-by-side live preview as on http://agea.github.io/tutorial.md/ might be worth looking at and possibly copying from - it's MIT licensed).

0001-adds-an-additional-Markdown-format-that-allows-user-.patch - patch that adds a Markdown (with HTML) formatter (14.4 KB)

Related issues

History

#1 Updated by Go MAEDAover 5 years ago

  • Related toDefect #807: HTML not escaped in ticket descriptions added

#2 Updated by Toshi MARUYAMA over 5 years ago

  • Description updated (diff)

#3 Updated by @ go2nullover 5 years ago

Useful background discussion here #15520Markdown formatting, including links to the following source for Textile and Markdown.

#4 Updated by Go MAEDAover 5 years ago

  • Related toFeature #15520: Markdown formatting added

Redmine Syntax

#5 Updated by Go MAEDAover 5 years ago

#6 Updated by Go MAEDAover 5 years ago

  • Priority changed from High to Normal

#7 Updated by @ go2nullover 5 years ago

Here is StackOverflow's disclaimer:
http://stackoverflow.com/editing-help#html


Inline HTML

If you need to do something that Markdown can't handle, use HTML. Note that we only support a very strict subset of HTML!

Markdown is smart enough not to mangle your span-level HTML:

Block-level HTML elements have a few restrictions:
  1. They must be separated from surrounding text by blank lines.
  2. The begin and end tags of the outermost block element must not be indented.
  3. Markdown can't be used within HTML blocks.

Redmine Markdown Toc

And here are the allowed HTML tags:

#8 Updated by James Hover 5 years ago

i run our redmine on a non-public network and would like to use this feature, but for our use case, we would need to be able to specify which projects would have this enabled or disabled. Most of our users are not 'power' users (do not know html) and so only a limited number of projects would get this setting enabled.

It would also be great if it could be even more customize-able than that (by trackers, by users, etc.).

#9 Updated by JW Fuchsalmost 5 years ago

#10 Updated by Ben Blancoalmost 5 years ago

I concur that Markdown without HTML is a flavoured(down) version of Markdown.

Github.com also rely on redcarpet gem, but they first sanitize the raw input before passing it onto redcarpet, see https://github.com/github/markup#github-markup (code is under Github's 'BSD-like?' license).

The sanitization is done by html-pipeline which is available as a gem, (its code is under MIT license).

By doing so they allow fair set of HTML tags:

Note: code excerpt from html-pipeline's sanitization_filter.rb at line 44.

Does anyone on this thread, or devs at redmine.org, think that it could be an option to implement the same process for redmine? And/or even re-use Github's code?

Last, #20497#note-8 made me think - though maybe not a good idea (that's why I ask) - if redmine's permissions model could be used to handle who has the right to input HTML tags in Wiki/Issue markdown.. Not sure if it would be better/more flexible than allowing HTML input on a per-project-basis...or have both options?

In all cases, being able to use HTML in redmine w/ markdown (in my case first and foremost for building better <tables> than Markdown's syntax allows for) would be awesome!

Thx :)

#11 Updated by Anonymous almost 5 years ago

Markdown

Ben Blanco wrote:

In all cases, being able to use HTML in redmine w/ markdown (in my case first and foremost for building better <tables> markdown's syntax allows for) would be awesome!

Thx :)

That is exactly the same reason I like to allow markup in my Markdown input.. I disabled the filter_html rule in the core formatting rules for my privately hosted Redmine instance to allow that, so that's sorted it out for me. I like the idea of making this behaviour configurable, I believe I may have suggested the same thing in some of the other Markdown-related tickets too.

Just keep in mind, as per mc0e's reply to my question on this matter, if you're running a public facing Redmine server you will have some security concerns to consider. For LAN or WAN only servers (like in my case) this isn't really a problem.

#12 Updated by Adrien Crivellialmost 5 years ago

Redmine Markdown Syntax

HTML in markdown is also required to solve the cases of two consecutive lists, or a list followed by code block as described in details in pandoc manual. Basically we use HTML comment (<!-- -->) to mark the end of a list when necessary. This is also explained here, where it's stated that all Markdown libs behave the same and that there is no other solution than using HTML comment.

Redmine Markdown Enable Html

So at the very least a subset of HTML really seems to be a necessity. Tables and comments being the obvious one.

#13 Updated by Dan Hiabout 2 years ago

This has been mentioned in others issues pointing at this one, but my #1 reason for wanting HTML would currently be the resizing of images or using thumbnails. Coming from JIRA where thumbnails are quite easy.

See here

'With certain Markdown implementations (including Mou and Marked 2 (only macOS)) you can append =WIDTHxHEIGHT after the URL of the graphic file to resize the image. Do not forget the space before the =.'

The lack of this sent me towards the html option, which honestly is part of true markdown. I'm not sure why it's so hard to rename markdown in redmine to 'redmine markdown'--that's a bare minimum of what should be done here. I'm not interested in hacking the rbs to allow HTML, only to lose it after an update.

If not HTML, then image resizing. And in either case, call it 'redmine markdown' to avoid confusion about what it supports.

#14 Updated by Bernhard Rohloffabout 2 years ago

Some time ago I've made a plugin to add a macro for that purpose as proposed in RE: how to allow html tag in redmine wiki. The syntax is quite easy and there's no need for an extra setting. I can attach it here on Monday if there's demand for it.

#15 Updated by Jens Krämerover 1 year ago

  • File0001-adds-an-additional-Markdown-format-that-allows-user-.patch added

Here's a patch that adds a second Markdown (with HTML) formatter which allows HTML input like tables etc and sanitizes the resulting HTML using Rails' HTML sanitization tools to prevent XSS etc. I have no idea how well that would work for handling CKEditor content, ymmv.

That's more or less just a proof of concept - I dont think that having two Markdown flavors is really a good idea. Ultimately, I don't see a problem with generally allowing HTML for the standard Redmine Markdown formatting as long as the output is sanitized properly. One might think about using the sanitize gem like Github does instead of Rails' Loofah based sanitizer as it allows for more granular definition of rules and is potentially safer / better due to the different HTML/CSS parsers used. Also, Rails' sanitize strips HTML comments which makes this patch useless if you want to support the HTML comment based list separation technique mentioned above :) However adding <p></p> between two lists serves the same purpose (and even works with Redmine's stock Markdown formatter).

I like the html-pipeline approach a lot, but introducing that to Redmine core would imo only make sense as part of a bigger refactoring / modularization of the whole textile/markdown rendering.

#16 Updated by Go MAEDAover 1 year ago

  • Target version set to Candidate for next major release

#17 Updated by Jan from Planio www.plan.ioover 1 year ago

  • Related toPatch #32424: CommonMark Markdown Text Formatting added

Also available in: AtomPDF