From 342ed844464bd32f633959b5fd48711c29c01566 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 10 Sep 2018 00:48:28 +0000 Subject: [PATCH] MRF: add policy for normalizing HTML markup (local and remote) to a specific policy --- config/config.exs | 2 ++ .../web/activity_pub/mrf/normalize_markup.ex | 25 ++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 lib/pleroma/web/activity_pub/mrf/normalize_markup.ex diff --git a/config/config.exs b/config/config.exs index d5c5b7902..d8edc4862 100644 --- a/config/config.exs +++ b/config/config.exs @@ -104,6 +104,8 @@ config :pleroma, :activitypub, config :pleroma, :user, deny_follow_blocked: true +config :pleroma, :mrf_normalize_markup, scrub_policy: Pleroma.HTML.Scrubber.Default + config :pleroma, :mrf_rejectnonpublic, allow_followersonly: false, allow_direct: false diff --git a/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex b/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex new file mode 100644 index 000000000..b4f91f3cc --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex @@ -0,0 +1,25 @@ +defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkup do + alias Pleroma.HTML + + @behaviour Pleroma.Web.ActivityPub.MRF + + @mrf_normalize_markup Application.get_env(:pleroma, :mrf_normalize_markup) + + def filter(%{"type" => activity_type} = object) when activity_type == "Create" do + scrub_policy = Keyword.get(@mrf_normalize_markup, :scrub_policy) + + child = object["object"] + + content = + child["content"] + |> HTML.filter_tags(scrub_policy) + + child = Map.put(child, "content", content) + + object = Map.put(object, "object", child) + + {:ok, object} + end + + def filter(object), do: {:ok, object} +end