diff options
| author | Chocobozzz <me@florianbigard.com> | 2020-11-17 14:34:09 +0100 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2020-11-17 14:34:09 +0100 |
| commit | 9ff36c2d70956d2775d207c7809adb6fe7f2f2a5 (patch) | |
| tree | c9058f8210d9674b69307c4f7c5ccde85a1ba597 /server | |
| parent | 9afb5c10e5935e667e33219bdbd775e9ed1b4330 (diff) | |
| download | PeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.tar.gz PeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.tar.zst PeerTube-9ff36c2d70956d2775d207c7809adb6fe7f2f2a5.zip | |
Refactor markdown/sanitize html code
Diffstat (limited to 'server')
| -rw-r--r-- | server/lib/emailer.ts | 32 |
1 files changed, 3 insertions, 29 deletions
diff --git a/server/lib/emailer.ts b/server/lib/emailer.ts index 40f278608..650a3c090 100644 --- a/server/lib/emailer.ts +++ b/server/lib/emailer.ts | |||
| @@ -5,6 +5,7 @@ import { join } from 'path' | |||
| 5 | import { VideoChannelModel } from '@server/models/video/video-channel' | 5 | import { VideoChannelModel } from '@server/models/video/video-channel' |
| 6 | import { MVideoBlacklistLightVideo, MVideoBlacklistVideo } from '@server/types/models/video/video-blacklist' | 6 | import { MVideoBlacklistLightVideo, MVideoBlacklistVideo } from '@server/types/models/video/video-blacklist' |
| 7 | import { MVideoImport, MVideoImportVideo } from '@server/types/models/video/video-import' | 7 | import { MVideoImport, MVideoImportVideo } from '@server/types/models/video/video-import' |
| 8 | import { SANITIZE_OPTIONS, TEXT_WITH_HTML_RULES } from '@shared/core-utils' | ||
| 8 | import { AbuseState, EmailPayload, UserAbuse } from '@shared/models' | 9 | import { AbuseState, EmailPayload, UserAbuse } from '@shared/models' |
| 9 | import { SendEmailOptions } from '../../shared/models/server/emailer.model' | 10 | import { SendEmailOptions } from '../../shared/models/server/emailer.model' |
| 10 | import { isTestInstance, root } from '../helpers/core-utils' | 11 | import { isTestInstance, root } from '../helpers/core-utils' |
| @@ -20,14 +21,7 @@ const markdownItEmoji = require('markdown-it-emoji/light') | |||
| 20 | const MarkdownItClass = require('markdown-it') | 21 | const MarkdownItClass = require('markdown-it') |
| 21 | const markdownIt = new MarkdownItClass('default', { linkify: true, breaks: true, html: true }) | 22 | const markdownIt = new MarkdownItClass('default', { linkify: true, breaks: true, html: true }) |
| 22 | 23 | ||
| 23 | markdownIt.enable([ | 24 | markdownIt.enable(TEXT_WITH_HTML_RULES) |
| 24 | 'linkify', | ||
| 25 | 'autolink', | ||
| 26 | 'emphasis', | ||
| 27 | 'link', | ||
| 28 | 'newline', | ||
| 29 | 'list' | ||
| 30 | ]) | ||
| 31 | 25 | ||
| 32 | markdownIt.use(markdownItEmoji) | 26 | markdownIt.use(markdownItEmoji) |
| 33 | 27 | ||
| @@ -39,27 +33,7 @@ const toSafeHtml = text => { | |||
| 39 | const html = markdownIt.render(textWithLineFeed) | 33 | const html = markdownIt.render(textWithLineFeed) |
| 40 | 34 | ||
| 41 | // Convert to safe Html | 35 | // Convert to safe Html |
| 42 | return sanitizeHtml(html, { | 36 | return sanitizeHtml(html, SANITIZE_OPTIONS) |
| 43 | allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ], | ||
| 44 | allowedSchemes: [ 'http', 'https' ], | ||
| 45 | allowedAttributes: { | ||
| 46 | a: [ 'href', 'class', 'target', 'rel' ] | ||
| 47 | }, | ||
| 48 | transformTags: { | ||
| 49 | a: (tagName, attribs) => { | ||
| 50 | let rel = 'noopener noreferrer' | ||
| 51 | if (attribs.rel === 'me') rel += ' me' | ||
| 52 | |||
| 53 | return { | ||
| 54 | tagName, | ||
| 55 | attribs: Object.assign(attribs, { | ||
| 56 | target: '_blank', | ||
| 57 | rel | ||
| 58 | }) | ||
| 59 | } | ||
| 60 | } | ||
| 61 | } | ||
| 62 | }) | ||
| 63 | } | 37 | } |
| 64 | 38 | ||
| 65 | const Email = require('email-templates') | 39 | const Email = require('email-templates') |