@markup Application.get_env(:pleroma, :markup)
+ def valid_schemes() do
+ [
+ "https://",
+ "http://",
+ "dat://",
+ "dweb://",
+ "gopher://",
+ "ipfs://",
+ "ipns://",
+ "irc:",
+ "ircs:",
+ "magnet:",
+ "mailto:",
+ "mumble:",
+ "ssb://",
+ "xmpp:"
+ ]
+ end
+
defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]
|> get_scrubbers
end
- def filter_tags(html, scrubber) do
- html |> Scrubber.scrub(scrubber)
- end
-
- def filter_tags(html) do
+ def filter_tags(html, nil) do
get_scrubbers()
|> Enum.reduce(html, fn scrubber, html ->
filter_tags(html, scrubber)
end)
end
+ def filter_tags(html, scrubber) do
+ html |> Scrubber.scrub(scrubber)
+ end
+
+ def filter_tags(html), do: filter_tags(html, nil)
+
def strip_tags(html) do
html |> Scrubber.scrub(Scrubber.StripTags)
end
require HtmlSanitizeEx.Scrubber.Meta
alias HtmlSanitizeEx.Scrubber.Meta
- @valid_schemes ["http", "https"]
+ alias Pleroma.HTML
Meta.remove_cdata_sections_before_scrub()
Meta.strip_comments()
# links
- Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes)
+ Meta.allow_tag_with_uri_attributes("a", ["href"], HTML.valid_schemes())
Meta.allow_tag_with_these_attributes("a", ["name", "title"])
# paragraphs and linebreaks
@allow_inline_images Keyword.get(@markup, :allow_inline_images)
if @allow_inline_images do
- Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes)
+ Meta.allow_tag_with_uri_attributes("img", ["src"], HTML.valid_schemes())
Meta.allow_tag_with_these_attributes("img", [
"width",
"alt"
])
end
+
+ Meta.strip_everything_not_covered()
end
defmodule Pleroma.HTML.Scrubber.Default do
require HtmlSanitizeEx.Scrubber.Meta
alias HtmlSanitizeEx.Scrubber.Meta
- @valid_schemes ["http", "https"]
+ alias Pleroma.HTML
Meta.remove_cdata_sections_before_scrub()
Meta.strip_comments()
- Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes)
+ Meta.allow_tag_with_uri_attributes("a", ["href"], HTML.valid_schemes())
Meta.allow_tag_with_these_attributes("a", ["name", "title"])
Meta.allow_tag_with_these_attributes("b", [])
@allow_inline_images Keyword.get(@markup, :allow_inline_images)
if @allow_inline_images do
- Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes)
+ Meta.allow_tag_with_uri_attributes("img", ["src"], HTML.valid_schemes())
Meta.allow_tag_with_these_attributes("img", [
"width",