git.squeep.com Git - akkoma/blob - lib/pleroma/html.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.HTML do
   6   alias HtmlSanitizeEx.Scrubber
   7
   8   defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
   9   defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
  10   defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]
  11
  12   def get_scrubbers do
  13     Pleroma.Config.get([:markup, :scrub_policy])
  14     |> get_scrubbers
  15   end
  16
  17   def filter_tags(html, nil) do
  18     filter_tags(html, get_scrubbers())
  19   end
  20
  21   def filter_tags(html, scrubbers) when is_list(scrubbers) do
  22     Enum.reduce(scrubbers, html, fn scrubber, html ->
  23       filter_tags(html, scrubber)
  24     end)
  25   end
  26
  27   def filter_tags(html, scrubber), do: Scrubber.scrub(html, scrubber)
  28   def filter_tags(html), do: filter_tags(html, nil)
  29   def strip_tags(html), do: Scrubber.scrub(html, Scrubber.StripTags)
  30
  31   def get_cached_scrubbed_html_for_activity(content, scrubbers, activity, key \\ "") do
  32     key = "#{key}#{generate_scrubber_signature(scrubbers)}|#{activity.id}"
  33
  34     Cachex.fetch!(:scrubber_cache, key, fn _key ->
  35       object = Pleroma.Object.normalize(activity)
  36       ensure_scrubbed_html(content, scrubbers, object.data["fake"] || false)
  37     end)
  38   end
  39
  40   def get_cached_stripped_html_for_activity(content, activity, key) do
  41     get_cached_scrubbed_html_for_activity(
  42       content,
  43       HtmlSanitizeEx.Scrubber.StripTags,
  44       activity,
  45       key
  46     )
  47   end
  48
  49   def ensure_scrubbed_html(
  50         content,
  51         scrubbers,
  52         false = _fake
  53       ) do
  54     {:commit, filter_tags(content, scrubbers)}
  55   end
  56
  57   def ensure_scrubbed_html(
  58         content,
  59         scrubbers,
  60         true = _fake
  61       ) do
  62     {:ignore, filter_tags(content, scrubbers)}
  63   end
  64
  65   defp generate_scrubber_signature(scrubber) when is_atom(scrubber) do
  66     generate_scrubber_signature([scrubber])
  67   end
  68
  69   defp generate_scrubber_signature(scrubbers) do
  70     Enum.reduce(scrubbers, "", fn scrubber, signature ->
  71       "#{signature}#{to_string(scrubber)}"
  72     end)
  73   end
  74
  75   def extract_first_external_url(_, nil), do: {:error, "No content"}
  76
  77   def extract_first_external_url(object, content) do
  78     key = "URL|#{object.id}"
  79
  80     Cachex.fetch!(:scrubber_cache, key, fn _key ->
  81       result =
  82         content
  83         |> Floki.filter_out("a.mention")
  84         |> Floki.attribute("a", "href")
  85         |> Enum.at(0)
  86
  87       {:commit, {:ok, result}}
  88     end)
  89   end
  90 end
  91
  92 defmodule Pleroma.HTML.Scrubber.TwitterText do
  93   @moduledoc """
  94   An HTML scrubbing policy which limits to twitter-style text.  Only
  95   paragraphs, breaks and links are allowed through the filter.
  96   """
  97
  98   @markup Application.get_env(:pleroma, :markup)
  99   @valid_schemes Pleroma.Config.get([:uri_schemes, :valid_schemes], [])
 100
 101   require HtmlSanitizeEx.Scrubber.Meta
 102   alias HtmlSanitizeEx.Scrubber.Meta
 103
 104   Meta.remove_cdata_sections_before_scrub()
 105   Meta.strip_comments()
 106
 107   # links
 108   Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
 109
 110   Meta.allow_tag_with_this_attribute_values("a", "class", [
 111     "hashtag",
 112     "u-url",
 113     "mention",
 114     "u-url mention",
 115     "mention u-url"
 116   ])
 117
 118   Meta.allow_tag_with_this_attribute_values("a", "rel", [
 119     "tag",
 120     "nofollow",
 121     "noopener",
 122     "noreferrer"
 123   ])
 124
 125   Meta.allow_tag_with_these_attributes("a", ["name", "title"])
 126
 127   # paragraphs and linebreaks
 128   Meta.allow_tag_with_these_attributes("br", [])
 129   Meta.allow_tag_with_these_attributes("p", [])
 130
 131   # microformats
 132   Meta.allow_tag_with_this_attribute_values("span", "class", ["h-card"])
 133   Meta.allow_tag_with_these_attributes("span", [])
 134
 135   # allow inline images for custom emoji
 136   @allow_inline_images Keyword.get(@markup, :allow_inline_images)
 137
 138   if @allow_inline_images do
 139     # restrict img tags to http/https only, because of MediaProxy.
 140     Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
 141
 142     Meta.allow_tag_with_these_attributes("img", [
 143       "width",
 144       "height",
 145       "title",
 146       "alt"
 147     ])
 148   end
 149
 150   Meta.strip_everything_not_covered()
 151 end
 152
 153 defmodule Pleroma.HTML.Scrubber.Default do
 154   @doc "The default HTML scrubbing policy: no "
 155
 156   require HtmlSanitizeEx.Scrubber.Meta
 157   alias HtmlSanitizeEx.Scrubber.Meta
 158   # credo:disable-for-previous-line
 159   # No idea how to fix this one…
 160
 161   @markup Application.get_env(:pleroma, :markup)
 162   @valid_schemes Pleroma.Config.get([:uri_schemes, :valid_schemes], [])
 163
 164   Meta.remove_cdata_sections_before_scrub()
 165   Meta.strip_comments()
 166
 167   Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
 168
 169   Meta.allow_tag_with_this_attribute_values("a", "class", [
 170     "hashtag",
 171     "u-url",
 172     "mention",
 173     "u-url mention",
 174     "mention u-url"
 175   ])
 176
 177   Meta.allow_tag_with_this_attribute_values("a", "rel", [
 178     "tag",
 179     "nofollow",
 180     "noopener",
 181     "noreferrer"
 182   ])
 183
 184   Meta.allow_tag_with_these_attributes("a", ["name", "title"])
 185
 186   Meta.allow_tag_with_these_attributes("abbr", ["title"])
 187
 188   Meta.allow_tag_with_these_attributes("b", [])
 189   Meta.allow_tag_with_these_attributes("blockquote", [])
 190   Meta.allow_tag_with_these_attributes("br", [])
 191   Meta.allow_tag_with_these_attributes("code", [])
 192   Meta.allow_tag_with_these_attributes("del", [])
 193   Meta.allow_tag_with_these_attributes("em", [])
 194   Meta.allow_tag_with_these_attributes("i", [])
 195   Meta.allow_tag_with_these_attributes("li", [])
 196   Meta.allow_tag_with_these_attributes("ol", [])
 197   Meta.allow_tag_with_these_attributes("p", [])
 198   Meta.allow_tag_with_these_attributes("pre", [])
 199   Meta.allow_tag_with_these_attributes("strong", [])
 200   Meta.allow_tag_with_these_attributes("u", [])
 201   Meta.allow_tag_with_these_attributes("ul", [])
 202
 203   Meta.allow_tag_with_this_attribute_values("span", "class", ["h-card"])
 204   Meta.allow_tag_with_these_attributes("span", [])
 205
 206   @allow_inline_images Keyword.get(@markup, :allow_inline_images)
 207
 208   if @allow_inline_images do
 209     # restrict img tags to http/https only, because of MediaProxy.
 210     Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
 211
 212     Meta.allow_tag_with_these_attributes("img", [
 213       "width",
 214       "height",
 215       "title",
 216       "alt"
 217     ])
 218   end
 219
 220   @allow_tables Keyword.get(@markup, :allow_tables)
 221
 222   if @allow_tables do
 223     Meta.allow_tag_with_these_attributes("table", [])
 224     Meta.allow_tag_with_these_attributes("tbody", [])
 225     Meta.allow_tag_with_these_attributes("td", [])
 226     Meta.allow_tag_with_these_attributes("th", [])
 227     Meta.allow_tag_with_these_attributes("thead", [])
 228     Meta.allow_tag_with_these_attributes("tr", [])
 229   end
 230
 231   @allow_headings Keyword.get(@markup, :allow_headings)
 232
 233   if @allow_headings do
 234     Meta.allow_tag_with_these_attributes("h1", [])
 235     Meta.allow_tag_with_these_attributes("h2", [])
 236     Meta.allow_tag_with_these_attributes("h3", [])
 237     Meta.allow_tag_with_these_attributes("h4", [])
 238     Meta.allow_tag_with_these_attributes("h5", [])
 239   end
 240
 241   @allow_fonts Keyword.get(@markup, :allow_fonts)
 242
 243   if @allow_fonts do
 244     Meta.allow_tag_with_these_attributes("font", ["face"])
 245   end
 246
 247   Meta.strip_everything_not_covered()
 248 end
 249
 250 defmodule Pleroma.HTML.Transform.MediaProxy do
 251   @moduledoc "Transforms inline image URIs to use MediaProxy."
 252
 253   alias Pleroma.Web.MediaProxy
 254
 255   def before_scrub(html), do: html
 256
 257   def scrub_attribute("img", {"src", "http" <> target}) do
 258     media_url =
 259       ("http" <> target)
 260       |> MediaProxy.url()
 261
 262     {"src", media_url}
 263   end
 264
 265   def scrub_attribute(_tag, attribute), do: attribute
 266
 267   def scrub({"img", attributes, children}) do
 268     attributes =
 269       attributes
 270       |> Enum.map(fn attr -> scrub_attribute("img", attr) end)
 271       |> Enum.reject(&is_nil(&1))
 272
 273     {"img", attributes, children}
 274   end
 275
 276   def scrub({:comment, _children}), do: ""
 277
 278   def scrub({tag, attributes, children}), do: {tag, attributes, children}
 279   def scrub({_tag, children}), do: children
 280   def scrub(text), do: text
 281 end