authorEugen Rochko <eugen@zeonfederated.com>2019-06-16 21:46:36 +0200
committerGitHub <noreply@github.com>2019-06-16 21:46:36 +0200
commit103a9f4466986ef57fc4f3f15dea95866bdead3f (patch)
treed1eb4f964ccb0c8b36880f99db8ed95fdf5d0cbf
parent65efe892cf56cd4f998de885bccc36e9231d8144 (diff)
Fix sanitizer making block level elements unreadable (#10836)
Fix #10834
-rw-r--r--app/lib/sanitize_config.rb15
-rw-r--r--spec/lib/sanitize_config_spec.rb26
2 files changed, 41 insertions, 0 deletions
diff --git a/app/lib/sanitize_config.rb b/app/lib/sanitize_config.rb
index 1bba4a5a6..e82a2a33a 100644
--- a/app/lib/sanitize_config.rb
+++ b/app/lib/sanitize_config.rb
@@ -19,6 +19,20 @@ class Sanitize
       node['class'] = class_list.join(' ')
     end
 
+    UNSUPPORTED_ELEMENTS_TRANSFORMER = lambda do |env|
+      return unless %w(h1 h2 h3 h4 h5 h6 blockquote pre ul ol li).include?(env[:node_name])
+
+      case env[:node_name]
+      when 'li'
+        env[:node].traverse do |node|
+          node.add_next_sibling('<br>') if node.next_sibling
+          node.replace(node.children) unless node.text?
+        end
+      else
+        env[:node].name = 'p'
+      end
+    end
+
     MASTODON_STRICT ||= freeze_config(
       elements: %w(p br span a),
 
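Review bot: The `traverse` block in the `'li'` branch runs on every descendant of the list item, not only on block-level wrappers, so `a` and `span` elements that `MASTODON_STRICT` allows (`elements: %w(p br span a)`) are unwrapped as well and a link inside a list item is reduced to plain text. The same loop adds a `<br>` after any node that has a next sibling, which would also split inline runs such as text followed by a link. Consider keeping the allowed inline elements, e.g. `node.replace(node.children) unless node.text? || %w(a span).include?(node.name)`, and inserting the break only after block-level nodes. Either change needs to be checked against the nested-list specs added in this commit.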
@@ -40,6 +54,7 @@ class Sanitize
 
       transformers: [
         CLASS_WHITELIST_TRANSFORMER,
+        UNSUPPORTED_ELEMENTS_TRANSFORMER,
       ]
     )
 
diff --git a/spec/lib/sanitize_config_spec.rb b/spec/lib/sanitize_config_spec.rb
new file mode 100644
index 000000000..bb3cf6f0b
--- /dev/null
+++ b/spec/lib/sanitize_config_spec.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+require Rails.root.join('app', 'lib', 'sanitize_config.rb')
+
+describe Sanitize::Config do
+  describe '::MASTODON_STRICT' do
+    subject { Sanitize::Config::MASTODON_STRICT }
+
+    it 'converts h1 to p' do
+      expect(Sanitize.fragment('<h1>Foo</h1>', subject)).to eq '<p>Foo</p>'
+    end
+
+    it 'converts ul to p' do
+      expect(Sanitize.fragment('<p>Check out:</p><ul><li>Foo</li><li>Bar</li></ul>', subject)).to eq '<p>Check out:</p><p>Foo<br>Bar</p>'
+    end
+
+    it 'converts p inside ul' do
+      expect(Sanitize.fragment('<ul><li><p>Foo</p><p>Bar</p></li><li>Baz</li></ul>', subject)).to eq '<p>Foo<br>Bar<br>Baz</p>'
+    end
+
+    it 'converts ul inside ul' do
+      expect(Sanitize.fragment('<ul><li>Foo</li><li><ul><li>Bar</li><li>Baz</li></ul></li></ul>', subject)).to eq '<p>Foo<br>Bar<br>Baz</p>'
+    end
+  end
+end
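Review bot: The specs exercise only benign markup, so nothing pins what happens to attributes or to allowed inline elements on the nodes that `UNSUPPORTED_ELEMENTS_TRANSFORMER` rewrites. Because the transformer renames elements to `p`, a regression case built for this purpose, such as `expect(Sanitize.fragment('<h1 onclick="x">Foo</h1>', subject)).to eq '<p>Foo</p>'`, would confirm that a renamed node is still cleaned by the element and attribute allowlist. The expected output there is presumed, since the config is only partly visible in this diff. A case with a link inside an `li` would also document whether the anchor is meant to survive the conversion.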