X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Flib%2Femailer.ts;h=650a3c090948b2a19e533b4ea89b550ddaf7a56b;hb=9252a33d115bba85adcfbc18ab3725924642871c;hp=40f278608b3e66b8006ed7e55826b0e06619d4d1;hpb=17119e4a546522468878cf115558b17949ab50d0;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/lib/emailer.ts b/server/lib/emailer.ts
index 40f278608..650a3c090 100644
--- a/server/lib/emailer.ts
+++ b/server/lib/emailer.ts
@@ -5,6 +5,7 @@ import { join } from 'path'
 import { VideoChannelModel } from '@server/models/video/video-channel'
 import { MVideoBlacklistLightVideo, MVideoBlacklistVideo } from '@server/types/models/video/video-blacklist'
 import { MVideoImport, MVideoImportVideo } from '@server/types/models/video/video-import'
+import { SANITIZE_OPTIONS, TEXT_WITH_HTML_RULES } from '@shared/core-utils'
 import { AbuseState, EmailPayload, UserAbuse } from '@shared/models'
 import { SendEmailOptions } from '../../shared/models/server/emailer.model'
 import { isTestInstance, root } from '../helpers/core-utils'
@@ -20,14 +21,7 @@ const markdownItEmoji = require('markdown-it-emoji/light')
 const MarkdownItClass = require('markdown-it')
 const markdownIt = new MarkdownItClass('default', { linkify: true, breaks: true, html: true })
 
-markdownIt.enable([
-  'linkify',
-  'autolink',
-  'emphasis',
-  'link',
-  'newline',
-  'list'
-])
+markdownIt.enable(TEXT_WITH_HTML_RULES)
 
 markdownIt.use(markdownItEmoji)
 
@@ -39,27 +33,7 @@ const toSafeHtml = text => {
   const html = markdownIt.render(textWithLineFeed)
 
   // Convert to safe Html
-  return sanitizeHtml(html, {
-    allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ],
-    allowedSchemes: [ 'http', 'https' ],
-    allowedAttributes: {
-      a: [ 'href', 'class', 'target', 'rel' ]
-    },
-    transformTags: {
-      a: (tagName, attribs) => {
-        let rel = 'noopener noreferrer'
-        if (attribs.rel === 'me') rel += ' me'
-
-        return {
-          tagName,
-          attribs: Object.assign(attribs, {
-            target: '_blank',
-            rel
-          })
-        }
-      }
-    }
-  })
+  return sanitizeHtml(html, SANITIZE_OPTIONS)
 }
 
 const Email = require('email-templates')