diff options
Diffstat (limited to 'app/lib/sanitize_config.rb')
-rw-r--r-- | app/lib/sanitize_config.rb | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/app/lib/sanitize_config.rb b/app/lib/sanitize_config.rb index 74a1d93fb..102dce2d2 100644 --- a/app/lib/sanitize_config.rb +++ b/app/lib/sanitize_config.rb @@ -30,12 +30,25 @@ class Sanitize next true if e =~ /^(h|p|u|dt|e)-/ # microformats classes next true if e =~ /^(mention|hashtag)$/ # semantic classes next true if e =~ /^(ellipsis|invisible)$/ # link formatting classes - next true if %w(center centered).include?(e) + next true if %w(center centered abstract).include?(e) end node['class'] = class_list.join(' ') end + DATA_NAME_ALLOWLIST_TRANSFORMER = lambda do |env| + node = env[:node] + name_list = node['data-name']&.split(/[\t\n\f\r ]/) + + return unless name_list + + name_list.keep_if do |name| + next true if %w(summary abstract).include?(name) + end + + node['data-name'] = name_list.join(' ') + end + LINK_REL_TRANSFORMER = lambda do |env| return unless env[:node_name] == 'a' and env[:node]['href'] @@ -71,10 +84,11 @@ class Sanitize 'a' => %w(href rel class title), 'span' => %w(class), 'abbr' => %w(title), - 'blockquote' => %w(cite), + 'blockquote' => %w(cite data-name), 'ol' => %w(start reversed), 'li' => %w(value), 'img' => %w(src alt title), + 'p' => %w(data-name), }, add_attributes: { @@ -90,6 +104,7 @@ class Sanitize transformers: [ CLASS_WHITELIST_TRANSFORMER, + DATA_NAME_ALLOWLIST_TRANSFORMER, UNSUPPORTED_HREF_TRANSFORMER, LINK_REL_TRANSFORMER, ] |