]>
Commit | Line | Data |
---|---|---|
9ff36c2d C |
1 | export const SANITIZE_OPTIONS = { |
2 | allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ], | |
3 | allowedSchemes: [ 'http', 'https' ], | |
4 | allowedAttributes: { | |
5 | a: [ 'href', 'class', 'target', 'rel' ] | |
6 | }, | |
7 | transformTags: { | |
47dc5db9 | 8 | a: (tagName: string, attribs: any) => { |
9ff36c2d C |
9 | let rel = 'noopener noreferrer' |
10 | if (attribs.rel === 'me') rel += ' me' | |
11 | ||
12 | return { | |
13 | tagName, | |
14 | attribs: Object.assign(attribs, { | |
15 | target: '_blank', | |
16 | rel | |
17 | }) | |
18 | } | |
19 | } | |
20 | } | |
21 | } | |
4097c6d6 TP |
22 | |
23 | // Thanks: https://stackoverflow.com/a/12034334 | |
24 | export function escapeHTML (stringParam: string) { | |
25 | if (!stringParam) return '' | |
26 | ||
27 | const entityMap = { | |
28 | '&': '&', | |
29 | '<': '<', | |
30 | '>': '>', | |
31 | '"': '"', | |
32 | '\'': ''', | |
33 | '/': '/', | |
34 | '`': '`', | |
35 | '=': '=' | |
36 | } | |
37 | ||
38 | return String(stringParam).replace(/[&<>"'`=/]/g, s => entityMap[s]) | |
39 | } |