30 December 2022

Prevent PHP's CommonMark extension from omitting raw HTML

Use the value of CMARK_OPT_UNSAFE in the HTML rendering function.

In an earlier post, I had mentioned how to natively use CommonMark in PHP using its Pear extension.

Some time after learning to do this, I encountered another problem. The extension was removing raw HTML in the markdown with <!-- raw HTML omitted --> in the output. This is to protect CommonMark-based online systems from code injections. However, SqlSiteServer is an offline CMS. It does not need the protection.

I thought I had to modify the source code of the extension or the libcmark library. Apparently, not.

define("CMARK_OPT_UNSAFE", (1 << 17));

…

$oCmDoc = \CommonMark\Parse($asMarkdown);
$sHtml = \CommonMark\Render\HTML($oCmDoc, CMARK_OPT_UNSAFE);

An overload of the HTML-rendering function, allows several options to passed to it. One of them is CMARK_OPT_UNSAFE, which translates to (1 << 17).

Link: | Magic Link:

Comments are not enabled yet.

For older posts, check the archives.