X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fhtml.ex;h=3951f0f51beaf8490d30178e1a49ef85bc682737;hb=4fabf83ad01352442906d79187aeab4c777f4df8;hp=2fae7281c46c30134ec89edf4adc10267539cd9f;hpb=a0c65bbd6c708b555f457bf24ec07d2d41c3fe4a;p=akkoma

diff --git a/lib/pleroma/html.ex b/lib/pleroma/html.ex
index 2fae7281c..3951f0f51 100644
--- a/lib/pleroma/html.ex
+++ b/lib/pleroma/html.ex
@@ -203,6 +203,8 @@ defmodule Pleroma.HTML.Scrubber.Default do
   Meta.allow_tag_with_these_attributes("p", [])
   Meta.allow_tag_with_these_attributes("pre", [])
   Meta.allow_tag_with_these_attributes("strong", [])
+  Meta.allow_tag_with_these_attributes("sub", [])
+  Meta.allow_tag_with_these_attributes("sup", [])
   Meta.allow_tag_with_these_attributes("u", [])
   Meta.allow_tag_with_these_attributes("ul", [])
 
@@ -280,3 +282,31 @@ defmodule Pleroma.HTML.Transform.MediaProxy do
   def scrub({_tag, children}), do: children
   def scrub(text), do: text
 end
+
+defmodule Pleroma.HTML.Scrubber.LinksOnly do
+  @moduledoc """
+  An HTML scrubbing policy which limits to links only.
+  """
+
+  @valid_schemes Pleroma.Config.get([:uri_schemes, :valid_schemes], [])
+
+  require HtmlSanitizeEx.Scrubber.Meta
+  alias HtmlSanitizeEx.Scrubber.Meta
+
+  Meta.remove_cdata_sections_before_scrub()
+  Meta.strip_comments()
+
+  # links
+  Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes)
+
+  Meta.allow_tag_with_this_attribute_values("a", "rel", [
+    "tag",
+    "nofollow",
+    "noopener",
+    "noreferrer",
+    "me"
+  ])
+
+  Meta.allow_tag_with_these_attributes("a", ["name", "title"])
+  Meta.strip_everything_not_covered()
+end