@@ -121,6 +121,10 @@ defmodule Pleroma.Formatter do | |||||
end | end | ||||
end | end | ||||
def markdown_to_html(text) do | |||||
Earmark.as_html!(text) | |||||
end | |||||
def html_escape({text, mentions, hashtags}, type) do | def html_escape({text, mentions, hashtags}, type) do | ||||
{html_escape(text, type), mentions, hashtags} | {html_escape(text, type), mentions, hashtags} | ||||
end | end | ||||
@@ -95,7 +95,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AudioVideoValidator do | |||||
when is_binary(content) do | when is_binary(content) do | ||||
content = | content = | ||||
content | content | ||||
|> Earmark.as_html!() | |||||
|> Pleroma.Formatter.markdown_to_html() | |||||
|> Pleroma.HTML.filter_tags() | |> Pleroma.HTML.filter_tags() | ||||
Map.put(data, "content", content) | Map.put(data, "content", content) | ||||
@@ -294,7 +294,7 @@ defmodule Pleroma.Web.CommonAPI.Utils do | |||||
def format_input(text, "text/markdown", options) do | def format_input(text, "text/markdown", options) do | ||||
text | text | ||||
|> Formatter.mentions_escape(options) | |> Formatter.mentions_escape(options) | ||||
|> Earmark.as_html!() | |||||
|> Formatter.markdown_to_html() | |||||
|> Formatter.linkify(options) | |> Formatter.linkify(options) | ||||
|> Formatter.minify("text/html") | |> Formatter.minify("text/html") | ||||
|> Formatter.html_escape("text/html") | |> Formatter.html_escape("text/html") | ||||
@@ -59,6 +59,8 @@ defmodule Pleroma.HTML.Scrubber.Default do | |||||
Meta.allow_tag_with_this_attribute_values(:span, "class", ["h-card"]) | Meta.allow_tag_with_this_attribute_values(:span, "class", ["h-card"]) | ||||
Meta.allow_tag_with_these_attributes(:span, []) | Meta.allow_tag_with_these_attributes(:span, []) | ||||
Meta.allow_tag_with_this_attribute_values(:code, "class", ["inline"]) | |||||
@allow_inline_images Pleroma.Config.get([:markup, :allow_inline_images]) | @allow_inline_images Pleroma.Config.get([:markup, :allow_inline_images]) | ||||
if @allow_inline_images do | if @allow_inline_images do | ||||
@@ -178,13 +178,13 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do | |||||
test "raw HTML" do | test "raw HTML" do | ||||
code = ~s[<a href="http://example.org/">OwO</a><!-- what's this?-->] | code = ~s[<a href="http://example.org/">OwO</a><!-- what's this?-->] | ||||
{result, [], []} = Utils.format_input(code, "text/markdown") | {result, [], []} = Utils.format_input(code, "text/markdown") | ||||
assert result == "<p>#{code}</p>" | |||||
assert result == ~s[<a href="http://example.org/">OwO</a>] | |||||
end | end | ||||
test "rulers" do | test "rulers" do | ||||
code = ~s[before\n\n-----\n\nafter] | code = ~s[before\n\n-----\n\nafter] | ||||
{result, [], []} = Utils.format_input(code, "text/markdown") | {result, [], []} = Utils.format_input(code, "text/markdown") | ||||
assert result == "<p>before</p><hr /><p>after</p>" | |||||
assert result == "<p>before</p><hr/><p>after</p>" | |||||
end | end | ||||
test "blockquote" do | test "blockquote" do | ||||
@@ -204,7 +204,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do | |||||
code = ~s[```\nputs "Hello World"\n```] | code = ~s[```\nputs "Hello World"\n```] | ||||
{result, [], []} = Utils.format_input(code, "text/markdown") | {result, [], []} = Utils.format_input(code, "text/markdown") | ||||
assert result == ~s[<pre><code class="">puts "Hello World"</code></pre>] | |||||
assert result == ~s[<pre><code>puts "Hello World"</code></pre>] | |||||
end | end | ||||
test "lists" do | test "lists" do | ||||
@@ -227,9 +227,9 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do | |||||
assert result == ~s[<p><strong>aaaa~</strong></p>] | assert result == ~s[<p><strong>aaaa~</strong></p>] | ||||
# strikethrough | # strikethrough | ||||
code = ~s[<del>aaaa~</del>] | |||||
code = ~s[~~aaaa~~~] | |||||
{result, [], []} = Utils.format_input(code, "text/markdown") | {result, [], []} = Utils.format_input(code, "text/markdown") | ||||
assert result == ~s[<p><del>aaaa~</del></p>] | |||||
assert result == ~s[<p><del>aaaa</del>~</p>] | |||||
end | end | ||||
end | end | ||||
@@ -558,7 +558,7 @@ defmodule Pleroma.Web.CommonAPITest do | |||||
object = Object.normalize(activity) | object = Object.normalize(activity) | ||||
assert object.data["content"] == "<p><b>2hu</b></p>alert('xss')" | |||||
assert object.data["content"] == "<p><b>2hu</b></p>" | |||||
assert object.data["source"] == post | assert object.data["source"] == post | ||||
end | end | ||||