mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
Link hashtag bug (#121)
* link + hashtag bug * remove printlns * tidy up some duplicated code
This commit is contained in:
@@ -30,7 +30,13 @@ import (
|
||||
var regular *bluemonday.Policy = bluemonday.UGCPolicy().
|
||||
RequireNoReferrerOnLinks(true).
|
||||
RequireNoFollowOnLinks(true).
|
||||
RequireCrossOriginAnonymous(true)
|
||||
RequireCrossOriginAnonymous(true).
|
||||
AddTargetBlankToFullyQualifiedLinks(true)
|
||||
|
||||
// outgoing policy should be used on statuses we've already parsed and added our own elements etc to. It is less strict than regular.
|
||||
var outgoing *bluemonday.Policy = regular.
|
||||
AllowAttrs("class", "href", "rel").OnElements("a").
|
||||
AllowAttrs("class").OnElements("span")
|
||||
|
||||
// '[C]an be thought of as equivalent to stripping all HTML elements and their attributes as it has nothing on its allowlist.
|
||||
// An example usage scenario would be blog post titles where HTML tags are not expected at all
|
||||
@@ -48,3 +54,9 @@ func SanitizeHTML(in string) string {
|
||||
func RemoveHTML(in string) string {
|
||||
return strict.Sanitize(in)
|
||||
}
|
||||
|
||||
// SanitizeOutgoing cleans up HTML in the given string, allowing through only safe elements and elements that were added during the parsing process.
|
||||
// This should be used on text that we've already converted into HTML, just to catch any weirdness.
|
||||
func SanitizeOutgoing(in string) string {
|
||||
return outgoing.Sanitize(in)
|
||||
}
|
||||
|
Reference in New Issue
Block a user