aboutsummaryrefslogtreecommitdiffhomepage
path: root/client/src
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2020-11-17 14:34:09 +0100
committerChocobozzz <me@florianbigard.com>2020-11-17 14:34:09 +0100
commit9ff36c2d70956d2775d207c7809adb6fe7f2f2a5 (patch)
treec9058f8210d9674b69307c4f7c5ccde85a1ba597 /client/src
parent9afb5c10e5935e667e33219bdbd775e9ed1b4330 (diff)
downloadPeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.tar.gz
PeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.tar.zst
PeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.zip
Refactor markdown/sanitize html code
Diffstat (limited to 'client/src')
-rw-r--r--client/src/app/core/renderer/html-renderer.service.ts23
-rw-r--r--client/src/app/core/renderer/markdown.service.ts32
2 files changed, 14 insertions, 41 deletions
diff --git a/client/src/app/core/renderer/html-renderer.service.ts b/client/src/app/core/renderer/html-renderer.service.ts
index 302d92ed9..1fe91b96b 100644
--- a/client/src/app/core/renderer/html-renderer.service.ts
+++ b/client/src/app/core/renderer/html-renderer.service.ts
@@ -1,5 +1,6 @@
1import { Injectable } from '@angular/core' 1import { Injectable } from '@angular/core'
2import { LinkifierService } from './linkifier.service' 2import { LinkifierService } from './linkifier.service'
3import { SANITIZE_OPTIONS } from '@shared/core-utils/renderer/html'
3 4
4@Injectable() 5@Injectable()
5export class HtmlRendererService { 6export class HtmlRendererService {
@@ -25,27 +26,7 @@ export class HtmlRendererService {
25 // Convert possible markdown to html 26 // Convert possible markdown to html
26 const html = this.linkifier.linkify(text) 27 const html = this.linkifier.linkify(text)
27 28
28 return this.sanitizeHtml(html, { 29 return this.sanitizeHtml(html, SANITIZE_OPTIONS)
29 allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ],
30 allowedSchemes: [ 'http', 'https' ],
31 allowedAttributes: {
32 'a': [ 'href', 'class', 'target', 'rel' ]
33 },
34 transformTags: {
35 a: (tagName, attribs) => {
36 let rel = 'noopener noreferrer'
37 if (attribs.rel === 'me') rel += ' me'
38
39 return {
40 tagName,
41 attribs: Object.assign(attribs, {
42 target: '_blank',
43 rel
44 })
45 }
46 }
47 }
48 })
49 } 30 }
50 31
51 private async loadSanitizeHtml () { 32 private async loadSanitizeHtml () {
diff --git a/client/src/app/core/renderer/markdown.service.ts b/client/src/app/core/renderer/markdown.service.ts
index 0e5c2ed75..0fde3f99d 100644
--- a/client/src/app/core/renderer/markdown.service.ts
+++ b/client/src/app/core/renderer/markdown.service.ts
@@ -1,6 +1,13 @@
1import * as MarkdownIt from 'markdown-it' 1import * as MarkdownIt from 'markdown-it'
2import { buildVideoLink } from 'src/assets/player/utils' 2import { buildVideoLink } from 'src/assets/player/utils'
3import { Injectable } from '@angular/core' 3import { Injectable } from '@angular/core'
4import {
5 COMPLETE_RULES,
6 ENHANCED_RULES,
7 ENHANCED_WITH_HTML_RULES,
8 TEXT_RULES,
9 TEXT_WITH_HTML_RULES
10} from '@shared/core-utils/renderer/markdown'
4import { HtmlRendererService } from './html-renderer.service' 11import { HtmlRendererService } from './html-renderer.service'
5 12
6type MarkdownParsers = { 13type MarkdownParsers = {
@@ -25,21 +32,6 @@ type MarkdownParserConfigs = {
25 32
26@Injectable() 33@Injectable()
27export class MarkdownService { 34export class MarkdownService {
28 static TEXT_RULES = [
29 'linkify',
30 'autolink',
31 'emphasis',
32 'link',
33 'newline',
34 'list'
35 ]
36 static TEXT_WITH_HTML_RULES = MarkdownService.TEXT_RULES.concat([ 'html_inline', 'html_block' ])
37
38 static ENHANCED_RULES = MarkdownService.TEXT_RULES.concat([ 'image' ])
39 static ENHANCED_WITH_HTML_RULES = MarkdownService.TEXT_WITH_HTML_RULES.concat([ 'image' ])
40
41 static COMPLETE_RULES = MarkdownService.ENHANCED_WITH_HTML_RULES.concat([ 'block', 'inline', 'heading', 'paragraph' ])
42
43 private markdownParsers: MarkdownParsers = { 35 private markdownParsers: MarkdownParsers = {
44 textMarkdownIt: null, 36 textMarkdownIt: null,
45 textWithHTMLMarkdownIt: null, 37 textWithHTMLMarkdownIt: null,
@@ -48,13 +40,13 @@ export class MarkdownService {
48 completeMarkdownIt: null 40 completeMarkdownIt: null
49 } 41 }
50 private parsersConfig: MarkdownParserConfigs = { 42 private parsersConfig: MarkdownParserConfigs = {
51 textMarkdownIt: { rules: MarkdownService.TEXT_RULES, html: false }, 43 textMarkdownIt: { rules: TEXT_RULES, html: false },
52 textWithHTMLMarkdownIt: { rules: MarkdownService.TEXT_WITH_HTML_RULES, html: true, escape: true }, 44 textWithHTMLMarkdownIt: { rules: TEXT_WITH_HTML_RULES, html: true, escape: true },
53 45
54 enhancedMarkdownIt: { rules: MarkdownService.ENHANCED_RULES, html: false }, 46 enhancedMarkdownIt: { rules: ENHANCED_RULES, html: false },
55 enhancedWithHTMLMarkdownIt: { rules: MarkdownService.ENHANCED_WITH_HTML_RULES, html: true, escape: true }, 47 enhancedWithHTMLMarkdownIt: { rules: ENHANCED_WITH_HTML_RULES, html: true, escape: true },
56 48
57 completeMarkdownIt: { rules: MarkdownService.COMPLETE_RULES, html: true } 49 completeMarkdownIt: { rules: COMPLETE_RULES, html: true }
58 } 50 }
59 51
60 constructor (private htmlRenderer: HtmlRendererService) {} 52 constructor (private htmlRenderer: HtmlRendererService) {}