diff options
author | Chocobozzz <me@florianbigard.com> | 2018-01-04 17:50:30 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-01-04 17:50:30 +0100 |
commit | 2890b615f31ab7d519d8be66b49ff8712df90c51 (patch) | |
tree | 4ad6bf366416a1cbc4d39bc8b7747f6d985b4d19 /server/helpers | |
parent | c3badc81fe3d78601fb278a7f28eeed63060d300 (diff) | |
download | PeerTube-2890b615f31ab7d519d8be66b49ff8712df90c51.tar.gz PeerTube-2890b615f31ab7d519d8be66b49ff8712df90c51.tar.zst PeerTube-2890b615f31ab7d519d8be66b49ff8712df90c51.zip |
Handle HTML is comments
Diffstat (limited to 'server/helpers')
-rw-r--r-- | server/helpers/custom-validators/activitypub/video-comments.ts | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/server/helpers/custom-validators/activitypub/video-comments.ts b/server/helpers/custom-validators/activitypub/video-comments.ts index 6928aced3..ce1209035 100644 --- a/server/helpers/custom-validators/activitypub/video-comments.ts +++ b/server/helpers/custom-validators/activitypub/video-comments.ts | |||
@@ -1,7 +1,6 @@ | |||
1 | import * as validator from 'validator' | 1 | import * as validator from 'validator' |
2 | import { exists, isDateValid } from '../misc' | 2 | import { exists, isDateValid } from '../misc' |
3 | import { isActivityPubUrlValid, isBaseActivityValid } from './misc' | 3 | import { isActivityPubUrlValid, isBaseActivityValid } from './misc' |
4 | import * as sanitizeHtml from 'sanitize-html' | ||
5 | 4 | ||
6 | function isVideoCommentCreateActivityValid (activity: any) { | 5 | function isVideoCommentCreateActivityValid (activity: any) { |
7 | return isBaseActivityValid(activity, 'Create') && | 6 | return isBaseActivityValid(activity, 'Create') && |
@@ -11,7 +10,6 @@ function isVideoCommentCreateActivityValid (activity: any) { | |||
11 | function isVideoCommentObjectValid (comment: any) { | 10 | function isVideoCommentObjectValid (comment: any) { |
12 | return comment.type === 'Note' && | 11 | return comment.type === 'Note' && |
13 | isActivityPubUrlValid(comment.id) && | 12 | isActivityPubUrlValid(comment.id) && |
14 | sanitizeCommentHTML(comment) && | ||
15 | isCommentContentValid(comment.content) && | 13 | isCommentContentValid(comment.content) && |
16 | isActivityPubUrlValid(comment.inReplyTo) && | 14 | isActivityPubUrlValid(comment.inReplyTo) && |
17 | isDateValid(comment.published) && | 15 | isDateValid(comment.published) && |
@@ -31,15 +29,6 @@ export { | |||
31 | 29 | ||
32 | // --------------------------------------------------------------------------- | 30 | // --------------------------------------------------------------------------- |
33 | 31 | ||
34 | function sanitizeCommentHTML (comment: any) { | ||
35 | return sanitizeHtml(comment.content, { | ||
36 | allowedTags: [ 'b', 'i', 'em', 'span', 'a' ], | ||
37 | allowedAttributes: { | ||
38 | 'a': [ 'href' ] | ||
39 | } | ||
40 | }) | ||
41 | } | ||
42 | |||
43 | function isCommentContentValid (content: any) { | 32 | function isCommentContentValid (content: any) { |
44 | return exists(content) && validator.isLength('' + content, { min: 1 }) | 33 | return exists(content) && validator.isLength('' + content, { min: 1 }) |
45 | } | 34 | } |