diff options
Diffstat (limited to 'app/lib/formatter.rb')
| -rw-r--r-- | app/lib/formatter.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb index 1d8e90d1f..5ae6238d9 100644 --- a/app/lib/formatter.rb +++ b/app/lib/formatter.rb @@ -1,13 +1,13 @@ # frozen_string_literal: true require 'singleton' +require_relative './sanitize_config' class Formatter include Singleton include RoutingHelper include ActionView::Helpers::TextHelper - include ActionView::Helpers::SanitizeHelper def format(status) return reformat(status.content) unless status.local? @@ -23,7 +23,7 @@ class Formatter end def reformat(html) - sanitize(html, tags: %w(a br p span), attributes: %w(href rel class)) + sanitize(html, Sanitize::Config::MASTODON_STRICT) end def plaintext(status) @@ -43,6 +43,10 @@ class Formatter html.html_safe # rubocop:disable Rails/OutputSafety end + def sanitize(html, config) + Sanitize.fragment(html, config) + end + private def encode(html) |