Markdown: Getting Started

• Syntax Highlighting
• Nesting Components
• Security

#Syntax Highlighting

Syntax highlighting is done by Torchlight Engine, if you select it when installing the starter kit.

Changing the theme, or updating options such as enabling line numbers can be done in the config/dok.php file.

View a list of available options.

View a list of available themes.

#Nesting Components

Both components and extensions support nesting, and follow the same syntax rules. There are two different syntaxes that Dok supports.

The first option is to increase the number of fence characters on the outer blocks:

::::cardgroup
:::card
My card content
:::
::::

You might have noticed the above method above could get quite messy once you start nesting blocks within each other. For this reason you can define an ending tag like below:

:::cardgroup
:::card
My card content
:::/card
:::/cardgroup

#Security

Dok follows the security principles established by League/CommonMark. As Dok components are built as CommonMark extensions, security is primarily handled by League/CommonMark and its configuration options.

In short, if you are allowing markdown input from potentially untrusted users, it's highly recommended to use the settings in the CommonMark config to escape the input. Dok ships with the html_input option set to escape.

Components, and respectively their bound blade files, are assumed safe because users cannot edit them directly. Consequently, CommonMarks html_input has no effect on their rendering.

However, there are two ways to get user-generated input through to your bound component: through attributes or slots. These are both ran through CommonMarks HtmlFilter and depending on your setting, return the filtered (or non-filtered) input. If you aren't accepting untrusted user input you don't really need to worry about this.