diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-04-27 14:42:22 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-04-27 14:42:22 +0200 |
commit | 88725d6ce85115ea3b0652007db5d40a1c069be3 (patch) | |
tree | 7a8965abda1cfc3b6c319ea19ee216755ac2f2df /app/lib/sanitize_config.rb | |
parent | be0a01145b5f303c5c506858146ccf6c6d5cee72 (diff) |
OEmbed support for PreviewCard (#2337)
* OEmbed support for PreviewCard * Improve ProviderDiscovery code failure treatment * Do not crawl links if there is a content warning, since those don't display a link card anyway * Reset db schema * Fresh migrate * Fix rubocop style issues Fix #1681 - return existing access token when applicable instead of creating new * Fix test * Extract http client to helper * Improve oembed controller
Diffstat (limited to 'app/lib/sanitize_config.rb')
-rw-r--r-- | app/lib/sanitize_config.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/app/lib/sanitize_config.rb b/app/lib/sanitize_config.rb new file mode 100644 index 000000000..7cf1c3062 --- /dev/null +++ b/app/lib/sanitize_config.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +class Sanitize + module Config + HTTP_PROTOCOLS ||= ['http', 'https', :relative].freeze + + MASTODON_STRICT ||= freeze_config( + elements: %w(p br span a), + + attributes: { + 'a' => %w(href), + 'span' => %w(class), + }, + + protocols: { + 'a' => { 'href' => HTTP_PROTOCOLS }, + } + ) + + MASTODON_OEMBED ||= freeze_config merge( + RELAXED, + elements: RELAXED[:elements] + %w(audio embed iframe source video), + + attributes: merge( + RELAXED[:attributes], + 'audio' => %w(controls), + 'embed' => %w(height src type width), + 'iframe' => %w(allowfullscreen frameborder height scrolling src width), + 'source' => %w(src type), + 'video' => %w(controls height loop width), + 'div' => [:data] + ), + + protocols: merge( + RELAXED[:protocols], + 'embed' => { 'src' => HTTP_PROTOCOLS }, + 'iframe' => { 'src' => HTTP_PROTOCOLS }, + 'source' => { 'src' => HTTP_PROTOCOLS } + ) + ) + end +end |