|
|
@ -35,16 +35,6 @@ let sanitizeConfig = {
|
|
|
|
],
|
|
|
|
],
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
process.nextTick(async () => {
|
|
|
|
|
|
|
|
// Each allowed tags should have some common global attributes...
|
|
|
|
|
|
|
|
sanitizeConfig.allowedTags.forEach((tag) => {
|
|
|
|
|
|
|
|
sanitizeConfig.allowedAttributes[tag] = _.union(sanitizeConfig.allowedAttributes[tag], sanitizeConfig.globalAttributes);
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Some plugins might need to adjust or whitelist their own tags...
|
|
|
|
|
|
|
|
sanitizeConfig = await plugins.fireHook('filter:sanitize.config', sanitizeConfig);
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
module.exports = function (Posts) {
|
|
|
|
module.exports = function (Posts) {
|
|
|
|
Posts.urlRegex = {
|
|
|
|
Posts.urlRegex = {
|
|
|
|
regex: /href="([^"]+)"/g,
|
|
|
|
regex: /href="([^"]+)"/g,
|
|
|
@ -119,6 +109,15 @@ module.exports = function (Posts) {
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posts.configureSanitize = async () => {
|
|
|
|
|
|
|
|
// Each allowed tags should have some common global attributes...
|
|
|
|
|
|
|
|
sanitizeConfig.allowedTags.forEach((tag) => {
|
|
|
|
|
|
|
|
sanitizeConfig.allowedAttributes[tag] = _.union(sanitizeConfig.allowedAttributes[tag], sanitizeConfig.globalAttributes);
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sanitizeConfig = await plugins.fireHook('filter:sanitize.config', sanitizeConfig);
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
function sanitizeSignature(signature) {
|
|
|
|
function sanitizeSignature(signature) {
|
|
|
|
signature = translator.escape(signature);
|
|
|
|
signature = translator.escape(signature);
|
|
|
|
var tagsToStrip = [];
|
|
|
|
var tagsToStrip = [];
|
|
|
|