about summary refs log tree commit diff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/mastodon/email_domain_blocks_cli.rb33
-rw-r--r--lib/mastodon/version.rb2
-rw-r--r--lib/sanitize_ext/sanitize_config.rb57
3 files changed, 58 insertions, 34 deletions
diff --git a/lib/mastodon/email_domain_blocks_cli.rb b/lib/mastodon/email_domain_blocks_cli.rb
index f79df302a..f39f47069 100644
--- a/lib/mastodon/email_domain_blocks_cli.rb
+++ b/lib/mastodon/email_domain_blocks_cli.rb
@@ -32,9 +32,9 @@ module Mastodon
       multiple domains to the command.
 
       When the --with-dns-records option is given, an attempt to resolve the
-      given domains' DNS records will be made and the results (A, AAAA and MX) will
-      also be blocked. This can be helpful if you are blocking an e-mail server that
-      has many different domains pointing to it as it allows you to essentially block
+      given domains' MX records will be made and the results will also be blocked.
+      This can be helpful if you are blocking an e-mail server that has many
+      different domains pointing to it as it allows you to essentially block
       it at the root.
     LONG_DESC
     def add(*domains)
@@ -53,26 +53,19 @@ module Mastodon
           next
         end
 
-        email_domain_block = EmailDomainBlock.new(domain: domain, with_dns_records: options[:with_dns_records] || false)
-        email_domain_block.save!
-        processed += 1
-
-        next unless email_domain_block.with_dns_records?
-
-        hostnames = []
-        ips       = []
-
-        Resolv::DNS.open do |dns|
-          dns.timeouts = 5
-          hostnames = dns.getresources(email_domain_block.domain, Resolv::DNS::Resource::IN::MX).to_a.map { |e| e.exchange.to_s }
-
-          ([email_domain_block.domain] + hostnames).uniq.each do |hostname|
-            ips.concat(dns.getresources(hostname, Resolv::DNS::Resource::IN::A).to_a.map { |e| e.address.to_s })
-            ips.concat(dns.getresources(hostname, Resolv::DNS::Resource::IN::AAAA).to_a.map { |e| e.address.to_s })
+        other_domains = []
+        if options[:with_dns_records]
+          Resolv::DNS.open do |dns|
+            dns.timeouts = 5
+            other_domains = dns.getresources(@email_domain_block.domain, Resolv::DNS::Resource::IN::MX).to_a
           end
         end
 
-        (hostnames + ips).uniq.each do |hostname|
+        email_domain_block = EmailDomainBlock.new(domain: domain, other_domains: other_domains)
+        email_domain_block.save!
+        processed += 1
+
+        (email_domain_block.other_domains || []).uniq.each do |hostname|
           another_email_domain_block = EmailDomainBlock.new(domain: hostname, parent: email_domain_block)
 
           if EmailDomainBlock.where(domain: hostname).exists?
diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb
index cdeeb6ea2..ba060a7da 100644
--- a/lib/mastodon/version.rb
+++ b/lib/mastodon/version.rb
@@ -17,7 +17,7 @@ module Mastodon
     end
 
     def flags
-      'rc1'
+      ''
     end
 
     def suffix
diff --git a/lib/sanitize_ext/sanitize_config.rb b/lib/sanitize_ext/sanitize_config.rb
index fed504cf2..c02de967b 100644
--- a/lib/sanitize_ext/sanitize_config.rb
+++ b/lib/sanitize_ext/sanitize_config.rb
@@ -56,18 +56,6 @@ class Sanitize
       end
     end
 
-    LINK_REL_TRANSFORMER = lambda do |env|
-      return unless env[:node_name] == 'a' and env[:node]['href']
-
-      node = env[:node]
-
-      rel = (node['rel'] || '').split(' ') & ['tag']
-      unless env[:config][:outgoing] && TagManager.instance.local_url?(node['href'])
-        rel += ['nofollow', 'noopener', 'noreferrer']
-      end
-      node['rel'] = rel.join(' ')
-    end
-
     UNSUPPORTED_HREF_TRANSFORMER = lambda do |env|
       return unless env[:node_name] == 'a'
 
@@ -98,6 +86,7 @@ class Sanitize
 
       add_attributes: {
         'a' => {
+          'rel' => 'nofollow noopener noreferrer',
           'target' => '_blank',
         },
       },
@@ -111,7 +100,6 @@ class Sanitize
         CLASS_WHITELIST_TRANSFORMER,
         IMG_TAG_TRANSFORMER,
         UNSUPPORTED_HREF_TRANSFORMER,
-        LINK_REL_TRANSFORMER,
       ]
     )
 
@@ -136,5 +124,48 @@ class Sanitize
         'source' => { 'src' => HTTP_PROTOCOLS }
       )
     )
+
+    LINK_REL_TRANSFORMER = lambda do |env|
+      return unless env[:node_name] == 'a' && env[:node]['href']
+
+      node = env[:node]
+
+      rel = (node['rel'] || '').split(' ') & ['tag']
+      rel += ['nofollow', 'noopener', 'noreferrer'] unless TagManager.instance.local_url?(node['href'])
+
+      if rel.empty?
+        node['rel']&.delete
+      else
+        node['rel'] = rel.join(' ')
+      end
+    end
+
+    LINK_TARGET_TRANSFORMER = lambda do |env|
+      return unless env[:node_name] == 'a' && env[:node]['href']
+
+      node = env[:node]
+      if node['target'] != '_blank' && TagManager.instance.local_url?(node['href'])
+        node['target']&.delete
+      else
+        node['target'] = '_blank'
+      end
+    end
+
+    MASTODON_OUTGOING ||= freeze_config MASTODON_STRICT.merge(
+      attributes: merge(
+        MASTODON_STRICT[:attributes],
+        'a' => %w(href rel class title target)
+      ),
+
+      add_attributes: {},
+
+      transformers: [
+        CLASS_WHITELIST_TRANSFORMER,
+        IMG_TAG_TRANSFORMER,
+        UNSUPPORTED_HREF_TRANSFORMER,
+        LINK_REL_TRANSFORMER,
+        LINK_TARGET_TRANSFORMER,
+      ]
+    )
   end
 end
generated by cgit-pink (git 2.37.1) at 2024-07-01 16:29:43 +0000