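/**
 * Returns the baseline allow-list used to sanitize untrusted rich text.
 *
 * The option names (`allowedTags`, `allowedSchemes`, `allowedAttributes`,
 * `transformTags`) match the sanitize-html library; presumably the object is
 * passed to it at the call sites (confirm against callers).
 *
 * @returns a fresh options object on every call, so callers may extend it
 *          without affecting each other.
 */
export function getDefaultSanitizeOptions () {
  return {
    // Inline text, links and lists only. No script, style, iframe, img or form tags.
    allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ],
    // Web links only: any other URL scheme (javascript:, data:, ...) is not on the list.
    allowedSchemes: [ 'http', 'https' ],
    allowedAttributes: {
      'a': [ 'href', 'class', 'target', 'rel' ],
      // NOTE(review): `class` and `data-*` are inert in plain HTML but can act as hooks
      // for client-side code that reads them. Verify no front-end script trusts these
      // attributes on sanitized user content.
      '*': [ 'data-*' ]
    },
    transformTags: {
      a: (tagName: string, attribs: Record<string, string>) => {
        // Every link opens in a new tab, so the opener relationship is always severed:
        // `noopener` keeps the target page from reaching window.opener and `noreferrer`
        // withholds the Referer header.
        let rel = 'noopener noreferrer'
        // `me` is the only author-supplied rel value carried over, and only on an exact
        // match. Any other rel string is discarded.
        if (attribs.rel === 'me') rel += ' me'

        return {
          tagName,
          // Copy rather than mutate the caller's object. The forced values come last so
          // they override any user-supplied `target` or `rel`.
          attribs: {
            ...attribs,
            target: '_blank',
            rel
          }
        }
      }
    }
  }
}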
/**
 * Returns sanitize options whose tag allow-list is empty, i.e. no HTML element
 * is permitted at all.
 *
 * NOTE(review): how disallowed tags are handled (dropped with their text kept, or
 * escaped) depends on the sanitizer consuming these options. Confirm the result is
 * still HTML-escaped before it is inserted into markup.
 *
 * @returns a fresh options object containing only an empty `allowedTags` array.
 */
export function getTextOnlySanitizeOptions () {
  const allowedTags: string[] = []

  return { allowedTags }
}
/**
 * Returns a wider allow-list for "custom markup": the default tags, schemes and
 * attributes plus block/heading/image tags, `mailto:` links, `img[src|alt]` and a
 * `style` attribute on every element.
 *
 * Security notes for reviewers:
 * - Only `allowedTags`, `allowedSchemes` and `allowedAttributes` are returned. The
 *   default `transformTags` entry (forced `target="_blank"` and
 *   `rel="noopener noreferrer"` on links) is NOT carried over, so `target` and `rel`
 *   on `<a>` stay author-controlled here. NOTE(review): confirm this is intended.
 * - `style` is allowed on `*` with no style allow-list in this object. Unless the
 *   consumer restricts CSS properties elsewhere, arbitrary inline CSS can pass
 *   through (overlay/positioning tricks, remote `url()` loads). Use only for content
 *   from trusted authors, or pair with a CSS property allow-list.
 * - `img[src]` with http/https lets rendered content trigger requests to
 *   third-party hosts (viewer IP and User-Agent disclosure).
 *
 * @param additionalAllowedTags extra tag names appended to the allow-list. They are
 *        not validated here, so the caller is responsible for never passing
 *        script-capable tags.
 * @returns a fresh options object.
 */
export function getCustomMarkupSanitizeOptions (additionalAllowedTags: string[] = []) {
  const {
    allowedTags: defaultTags,
    allowedSchemes: defaultSchemes,
    allowedAttributes: defaultAttributes
  } = getDefaultSanitizeOptions()

  // Structural tags that only custom markup may use.
  const customMarkupTags = [ 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img' ]

  const allowedTags = defaultTags.concat(additionalAllowedTags, customMarkupTags)
  const allowedSchemes = defaultSchemes.concat('mailto')

  const allowedAttributes = {
    ...defaultAttributes,

    'img': [ 'src', 'alt' ],
    // Replaces the default '*' entry: data-* is kept, style is added.
    '*': [ 'data-*', 'style' ]
  }

  return { allowedTags, allowedSchemes, allowedAttributes }
}
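// Thanks: https://stackoverflow.com/a/12034334
/**
 * Escapes the characters that are significant in HTML so the input can be placed in
 * element content or inside a quoted attribute value without being parsed as markup.
 *
 * This is output encoding for HTML contexts only. It is not sufficient on its own for
 * values placed inside `<script>`, `<style>`, event-handler attributes or URLs.
 *
 * @param stringParam text to escape. Falsy input (empty string, null, undefined)
 *        yields an empty string.
 * @returns the input with `& < > " ' / ` =` replaced by their HTML entities.
 */
export function escapeHTML (stringParam: string) {
  if (!stringParam) return ''

  // Each value must be the entity form of its key. An identity mapping would return
  // the input unchanged and silently disable escaping.
  const entityMap: Record<string, string> = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    '\'': '&#39;',
    '/': '&#x2F;',
    '`': '&#x60;',
    '=': '&#x3D;'
  }

  // The character class matches exactly the keys of entityMap. The fallback to the
  // matched character only satisfies strict index typing.
  return String(stringParam).replace(/[&<>"'`=/]/g, s => entityMap[s] ?? s)
}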