jyt94
/
closedSocialMastodon
forked from closed-social/mastodon
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2672 Commits
3 Branches
123 MiB
Tree: 26bc591572
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '26bc591572'
${ noResults }
closedSocialMastodon/app/lib/sanitize_config.rb

49 lines
1.2 KiB
Raw Normal View History

OEmbed support for PreviewCard (#2337) * OEmbed support for PreviewCard * Improve ProviderDiscovery code failure treatment * Do not crawl links if there is a content warning, since those don't display a link card anyway * Reset db schema * Fresh migrate * Fix rubocop style issues Fix #1681 - return existing access token when applicable instead of creating new * Fix test * Extract http client to helper * Improve oembed controller
7 years ago
Add target=_blank to user note (#2622) * Add target=_blank to user note Open new window when click link from user profile in remote instance. * fix rubocop
7 years ago
OEmbed support for PreviewCard (#2337) * OEmbed support for PreviewCard * Improve ProviderDiscovery code failure treatment * Do not crawl links if there is a content warning, since those don't display a link card anyway * Reset db schema * Fresh migrate * Fix rubocop style issues Fix #1681 - return existing access token when applicable instead of creating new * Fix test * Extract http client to helper * Improve oembed controller
7 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class Sanitize
  4.   module Config
  5.     HTTP_PROTOCOLS ||= ['http', 'https', :relative].freeze
  6. 

  7.     MASTODON_STRICT ||= freeze_config(
  8.       elements: %w(p br span a),
  9. 

  10.       attributes: {
  11.         'a'    => %w(href),
  12.         'span' => %w(class),
  13.       },
  14. 

  15.       add_attributes: {
  16.         'a' => {
  17.           'rel' => 'nofollow noopener',
  18.           'target' => '_blank',
  19.         },
  20.       },
  21. 

  22.       protocols: {
  23.         'a' => { 'href' => HTTP_PROTOCOLS },
  24.       }
  25.     )
  26. 

  27.     MASTODON_OEMBED ||= freeze_config merge(
  28.       RELAXED,
  29.       elements: RELAXED[:elements] + %w(audio embed iframe source video),
  30. 

  31.       attributes: merge(
  32.         RELAXED[:attributes],
  33.         'audio'  => %w(controls),
  34.         'embed'  => %w(height src type width),
  35.         'iframe' => %w(allowfullscreen frameborder height scrolling src width),
  36.         'source' => %w(src type),
  37.         'video'  => %w(controls height loop width),
  38.         'div'    => [:data]
  39.       ),
  40. 

  41.       protocols: merge(
  42.         RELAXED[:protocols],
  43.         'embed'  => { 'src' => HTTP_PROTOCOLS },
  44.         'iframe' => { 'src' => HTTP_PROTOCOLS },
  45.         'source' => { 'src' => HTTP_PROTOCOLS }
  46.       )
  47.     )
  48.   end
  49. end