+const sanitizeHtml = require('sanitize-html')
+const markdownItEmoji = require('markdown-it-emoji/light')
+const MarkdownItClass = require('markdown-it')
+const markdownIt = new MarkdownItClass('default', { linkify: true, breaks: true, html: true })
+
+markdownIt.enable([
+ 'linkify',
+ 'autolink',
+ 'emphasis',
+ 'link',
+ 'newline',
+ 'list'
+])
+
+markdownIt.use(markdownItEmoji)
+
+const toSafeHtml = text => {
+ // Restore line feed
+ const textWithLineFeed = text.replace(/<br.?\/?>/g, '\r\n')
+
+ // Convert possible markdown (emojis, emphasis and lists) to html
+ const html = markdownIt.render(textWithLineFeed)
+
+ // Convert to safe Html
+ return sanitizeHtml(html, {
+ allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ],
+ allowedSchemes: [ 'http', 'https' ],
+ allowedAttributes: {
+ a: [ 'href', 'class', 'target', 'rel' ]
+ },
+ transformTags: {
+ a: (tagName, attribs) => {
+ let rel = 'noopener noreferrer'
+ if (attribs.rel === 'me') rel += ' me'
+
+ return {
+ tagName,
+ attribs: Object.assign(attribs, {
+ target: '_blank',
+ rel
+ })
+ }
+ }
+ }
+ })
+}
+