Browse Source
lib/pleroma/html.ex: Use macros for valid_schemes, change config for schemes
tags/v0.9.9
Haelwenn (lanodan) Monnier
5 years ago
No known key found for this signature in database
GPG Key ID: D5B7A8E43C997DEE
3 changed files with 32 additions and 50 deletions
Split View
Diff Options
-
+17 -1config/config.exs
-
+3 -24lib/pleroma/formatter.ex
-
+12 -25lib/pleroma/html.ex
+ 17
- 1
config/config.exs
View File
| @@ -24,7 +24,23 @@ config :pleroma, Pleroma.Uploaders.S3, | |||
| config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png"] | |||
| config :pleroma, :uri_schemes, additionnal_schemes: [] | |||
| config :pleroma, :uri_schemes, | |||
| valid_schemes: [ | |||
| "https", | |||
| "http", | |||
| "dat", | |||
| "dweb", | |||
| "gopher", | |||
| "ipfs", | |||
| "ipns", | |||
| "irc", | |||
| "ircs", | |||
| "magnet", | |||
| "mailto", | |||
| "mumble", | |||
| "ssb", | |||
| "xmpp" | |||
| ] | |||
| # Configures the endpoint | |||
| config :pleroma, Pleroma.Web.Endpoint, | |||
+ 3
- 24
lib/pleroma/formatter.ex
View File
| @@ -171,25 +171,8 @@ defmodule Pleroma.Formatter do | |||
| @link_regex ~r/[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+/ui | |||
| # IANA got a list https://www.iana.org/assignments/uri-schemes/ but | |||
| # Stuff like ipfs isn’t in it | |||
| # There is very niche stuff | |||
| @uri_schemes [ | |||
| "https://", | |||
| "http://", | |||
| "dat://", | |||
| "dweb://", | |||
| "gopher://", | |||
| "ipfs://", | |||
| "ipns://", | |||
| "irc:", | |||
| "ircs:", | |||
| "magnet:", | |||
| "mailto:", | |||
| "mumble:", | |||
| "ssb://", | |||
| "xmpp:" | |||
| ] | |||
| @uri_schemes Application.get_env(:pleroma, :uri_schemes, []) | |||
| @valid_schemes Keyword.get(@uri_schemes, :valid_schemes, []) | |||
| # TODO: make it use something other than @link_regex | |||
| def html_escape(text, "text/html") do | |||
| @@ -207,14 +190,10 @@ defmodule Pleroma.Formatter do | |||
| @doc "changes scheme:... urls to html links" | |||
| def add_links({subs, text}) do | |||
| additionnal_schemes = | |||
| Application.get_env(:pleroma, :uri_schemes, []) | |||
| |> Keyword.get(:additionnal_schemes, []) | |||
| links = | |||
| text | |||
| |> String.split([" ", "\t", "<br>"]) | |||
| |> Enum.filter(fn word -> String.starts_with?(word, @uri_schemes ++ additionnal_schemes) end) | |||
| |> Enum.filter(fn word -> String.starts_with?(word, @valid_schemes) end) | |||
| |> Enum.filter(fn word -> Regex.match?(@link_regex, word) end) | |||
| |> Enum.map(fn url -> {Ecto.UUID.generate(), url} end) | |||
| |> Enum.sort_by(fn {_, url} -> -String.length(url) end) | |||
+ 12
- 25
lib/pleroma/html.ex
View File
| @@ -3,25 +3,6 @@ defmodule Pleroma.HTML do | |||
| @markup Application.get_env(:pleroma, :markup) | |||
| def valid_schemes() do | |||
| [ | |||
| "https://", | |||
| "http://", | |||
| "dat://", | |||
| "dweb://", | |||
| "gopher://", | |||
| "ipfs://", | |||
| "ipns://", | |||
| "irc:", | |||
| "ircs:", | |||
| "magnet:", | |||
| "mailto:", | |||
| "mumble:", | |||
| "ssb://", | |||
| "xmpp:" | |||
| ] | |||
| end | |||
| defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber] | |||
| defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers | |||
| defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default] | |||
| @@ -55,6 +36,10 @@ defmodule Pleroma.HTML.Scrubber.TwitterText do | |||
| paragraphs, breaks and links are allowed through the filter. | |||
| """ | |||
| @markup Application.get_env(:pleroma, :markup) | |||
| @uri_schemes Application.get_env(:pleroma, :uri_schemes, []) | |||
| @valid_schemes Keyword.get(@uri_schemes, :valid_schemes, []) | |||
| require HtmlSanitizeEx.Scrubber.Meta | |||
| alias HtmlSanitizeEx.Scrubber.Meta | |||
| @@ -64,7 +49,7 @@ defmodule Pleroma.HTML.Scrubber.TwitterText do | |||
| Meta.strip_comments() | |||
| # links | |||
| Meta.allow_tag_with_uri_attributes("a", ["href"], HTML.valid_schemes()) | |||
| Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes) | |||
| Meta.allow_tag_with_these_attributes("a", ["name", "title"]) | |||
| # paragraphs and linebreaks | |||
| @@ -75,11 +60,10 @@ defmodule Pleroma.HTML.Scrubber.TwitterText do | |||
| Meta.allow_tag_with_these_attributes("span", []) | |||
| # allow inline images for custom emoji | |||
| @markup Application.get_env(:pleroma, :markup) | |||
| @allow_inline_images Keyword.get(@markup, :allow_inline_images) | |||
| if @allow_inline_images do | |||
| Meta.allow_tag_with_uri_attributes("img", ["src"], HTML.valid_schemes()) | |||
| Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes) | |||
| Meta.allow_tag_with_these_attributes("img", [ | |||
| "width", | |||
| @@ -100,10 +84,14 @@ defmodule Pleroma.HTML.Scrubber.Default do | |||
| alias Pleroma.HTML | |||
| @markup Application.get_env(:pleroma, :markup) | |||
| @uri_schemes Application.get_env(:pleroma, :uri_schemes, []) | |||
| @valid_schemes Keyword.get(@uri_schemes, :valid_schemes, []) | |||
| Meta.remove_cdata_sections_before_scrub() | |||
| Meta.strip_comments() | |||
| Meta.allow_tag_with_uri_attributes("a", ["href"], HTML.valid_schemes()) | |||
| Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes) | |||
| Meta.allow_tag_with_these_attributes("a", ["name", "title"]) | |||
| Meta.allow_tag_with_these_attributes("b", []) | |||
| @@ -122,11 +110,10 @@ defmodule Pleroma.HTML.Scrubber.Default do | |||
| Meta.allow_tag_with_these_attributes("u", []) | |||
| Meta.allow_tag_with_these_attributes("ul", []) | |||
| @markup Application.get_env(:pleroma, :markup) | |||
| @allow_inline_images Keyword.get(@markup, :allow_inline_images) | |||
| if @allow_inline_images do | |||
| Meta.allow_tag_with_uri_attributes("img", ["src"], HTML.valid_schemes()) | |||
| Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes) | |||
| Meta.allow_tag_with_these_attributes("img", [ | |||
| "width", | |||