From 9ff36c2d70956d2775d207c7809adb6fe7f2f2a5 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Tue, 17 Nov 2020 14:34:09 +0100 Subject: Refactor markdown/sanitize html code --- .../src/app/core/renderer/html-renderer.service.ts | 23 ++-------------- client/src/app/core/renderer/markdown.service.ts | 32 ++++++++-------------- 2 files changed, 14 insertions(+), 41 deletions(-) (limited to 'client/src/app') diff --git a/client/src/app/core/renderer/html-renderer.service.ts b/client/src/app/core/renderer/html-renderer.service.ts index 302d92ed9..1fe91b96b 100644 --- a/client/src/app/core/renderer/html-renderer.service.ts +++ b/client/src/app/core/renderer/html-renderer.service.ts @@ -1,5 +1,6 @@ import { Injectable } from '@angular/core' import { LinkifierService } from './linkifier.service' +import { SANITIZE_OPTIONS } from '@shared/core-utils/renderer/html' @Injectable() export class HtmlRendererService { @@ -25,27 +26,7 @@ export class HtmlRendererService { // Convert possible markdown to html const html = this.linkifier.linkify(text) - return this.sanitizeHtml(html, { - allowedTags: [ 'a', 'p', 'span', 'br', 'strong', 'em', 'ul', 'ol', 'li' ], - allowedSchemes: [ 'http', 'https' ], - allowedAttributes: { - 'a': [ 'href', 'class', 'target', 'rel' ] - }, - transformTags: { - a: (tagName, attribs) => { - let rel = 'noopener noreferrer' - if (attribs.rel === 'me') rel += ' me' - - return { - tagName, - attribs: Object.assign(attribs, { - target: '_blank', - rel - }) - } - } - } - }) + return this.sanitizeHtml(html, SANITIZE_OPTIONS) } private async loadSanitizeHtml () { diff --git a/client/src/app/core/renderer/markdown.service.ts b/client/src/app/core/renderer/markdown.service.ts index 0e5c2ed75..0fde3f99d 100644 --- a/client/src/app/core/renderer/markdown.service.ts +++ b/client/src/app/core/renderer/markdown.service.ts @@ -1,6 +1,13 @@ import * as MarkdownIt from 'markdown-it' import { buildVideoLink } from 'src/assets/player/utils' import { Injectable } from '@angular/core' +import { + COMPLETE_RULES, + ENHANCED_RULES, + ENHANCED_WITH_HTML_RULES, + TEXT_RULES, + TEXT_WITH_HTML_RULES +} from '@shared/core-utils/renderer/markdown' import { HtmlRendererService } from './html-renderer.service' type MarkdownParsers = { @@ -25,21 +32,6 @@ type MarkdownParserConfigs = { @Injectable() export class MarkdownService { - static TEXT_RULES = [ - 'linkify', - 'autolink', - 'emphasis', - 'link', - 'newline', - 'list' - ] - static TEXT_WITH_HTML_RULES = MarkdownService.TEXT_RULES.concat([ 'html_inline', 'html_block' ]) - - static ENHANCED_RULES = MarkdownService.TEXT_RULES.concat([ 'image' ]) - static ENHANCED_WITH_HTML_RULES = MarkdownService.TEXT_WITH_HTML_RULES.concat([ 'image' ]) - - static COMPLETE_RULES = MarkdownService.ENHANCED_WITH_HTML_RULES.concat([ 'block', 'inline', 'heading', 'paragraph' ]) - private markdownParsers: MarkdownParsers = { textMarkdownIt: null, textWithHTMLMarkdownIt: null, @@ -48,13 +40,13 @@ export class MarkdownService { completeMarkdownIt: null } private parsersConfig: MarkdownParserConfigs = { - textMarkdownIt: { rules: MarkdownService.TEXT_RULES, html: false }, - textWithHTMLMarkdownIt: { rules: MarkdownService.TEXT_WITH_HTML_RULES, html: true, escape: true }, + textMarkdownIt: { rules: TEXT_RULES, html: false }, + textWithHTMLMarkdownIt: { rules: TEXT_WITH_HTML_RULES, html: true, escape: true }, - enhancedMarkdownIt: { rules: MarkdownService.ENHANCED_RULES, html: false }, - enhancedWithHTMLMarkdownIt: { rules: MarkdownService.ENHANCED_WITH_HTML_RULES, html: true, escape: true }, + enhancedMarkdownIt: { rules: ENHANCED_RULES, html: false }, + enhancedWithHTMLMarkdownIt: { rules: ENHANCED_WITH_HTML_RULES, html: true, escape: true }, - completeMarkdownIt: { rules: MarkdownService.COMPLETE_RULES, html: true } + completeMarkdownIt: { rules: COMPLETE_RULES, html: true } } constructor (private htmlRenderer: HtmlRendererService) {} -- cgit v1.2.3