github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-29 01:31:35 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Clean up sanitization code

Browse Source 
- remove html table test, this is soon to be deprecated
- move sanitization tests into pretty text.rb
- fix up whitelister so it makes a copy of options
This commit is contained in:
Sam
2017-06-26 15:21:27 -04:00
parent febfe27669
commit 8967d50dc2
4 changed files with 18 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/assets/javascripts/pretty-text/engines/discourse-markdown-it.js.es6
View File

@ -151,13 +151,12 @@ export function setup(opts, siteSettings, state) {
opts.setup = true;
if (!opts.discourse.sanitizer) {
opts.sanitizer = opts.discourse.sanitizer = (!!opts.discourse.sanitize) ? sanitize : a=>a;
const whiteLister = new WhiteLister(opts.discourse);
opts.sanitizer = opts.discourse.sanitizer = (!!opts.discourse.sanitize) ? a=>sanitize(a, whiteLister) : a=>a;
}
}
export function cook(raw, opts) {
const whiteLister = new WhiteLister(opts.discourse);
// we still have to hoist html_raw nodes so they bypass the whitelister
// this is the case for oneboxes
let hoisted = {};
@ -165,7 +164,7 @@ export function cook(raw, opts) {
opts.discourse.hoisted = hoisted;
const rendered = opts.engine.render(raw);
let cooked = opts.discourse.sanitizer(rendered, whiteLister).trim();
let cooked = opts.discourse.sanitizer(rendered).trim();
const keys = Object.keys(hoisted);
if (keys.length) {