👌 IMPROVE: Link validation

chrisjsewell · chrisjsewell · commit edb01436ba2e · 2021-03-10T13:00:00.000+01:00
- Disallow escaped spaces inside link destination: `[](url\ xxx)` no longer valid (implements: markdown-it/markdown-it@2290e10) - Stop link title parsing when second `(` is found: `[](url (xxx())` no longer valid (implements: markdown-it/markdown-it@b1651b1) - Stop link parsing when second `<` is found: `[](<foo<bar>)` (implements: markdown-it/markdown-it@f688abc)
diff --git a/markdown_it/helpers/parse_link_destination.py b/markdown_it/helpers/parse_link_destination.py
@@ -26,6 +26,8 @@ def parseLinkDestination(string: str, pos: int, maximum: int) -> _Result:
             code = charCodeAt(string, pos)
             if code == 0x0A:  # /* \n */)
                 return result
+            if code == 0x3C:  # / * < * /
+                return result
             if code == 0x3E:  # /* > */) {
                 result.pos = pos + 1
                 result.str = unescapeAll(string[start + 1 : pos])
@@ -55,6 +57,8 @@ def parseLinkDestination(string: str, pos: int, maximum: int) -> _Result:
             break
 
         if code == 0x5C and pos + 1 < maximum:
+            if charCodeAt(string, pos + 1) == 0x20:
+                break
             pos += 2
             continue
 
diff --git a/markdown_it/helpers/parse_link_title.py b/markdown_it/helpers/parse_link_title.py
@@ -46,6 +46,8 @@ def parseLinkTitle(string: str, pos: int, maximum: int) -> _Result:
             result.str = title
             result.ok = True
             return result
+        elif code == 0x28 and marker == 0x29:  # /* ( */  /* ) */
+            return result
         elif code == 0x0A:
             lines += 1
         elif code == 0x5C and pos + 1 < maximum:  # /* \ */
diff --git a/tests/test_port/fixtures/commonmark_extras.md b/tests/test_port/fixtures/commonmark_extras.md
@@ -255,6 +255,33 @@ List item terminating quote should not be paragraph continuation
 </ol>
 .
 
+Escaped space is not allowed in link destination, commonmark/CommonMark#493.
+.
+[link](a\ b)
+.
+<p>[link](a\ b)</p>
+.
+
+Link destination cannot contain '<'
+.
+[](<foo<bar>)
+
+[](<foo\<bar>)
+.
+<p>[](&lt;foo<bar>)</p>
+<p><a href="foo%3Cbar"></a></p>
+.
+
+Link title cannot contain '(' when opened with it
+.
+[](url (xxx())
+
+[](url (xxx\())
+.
+<p>[](url (xxx())</p>
+<p><a href="url" title="xxx("></a></p>
+.
+
 Allow EOL in processing instructions, commonmark/commonmark.js#196.
 .
 a <?
