Fix sanitizer making block level elements unreadable (#10836)

Fix #10834
master
Eugen Rochko 5 years ago committed by GitHub
parent 65efe892cf
commit 103a9f4466
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 15
      app/lib/sanitize_config.rb
  2. 26
      spec/lib/sanitize_config_spec.rb

@ -19,6 +19,20 @@ class Sanitize
node['class'] = class_list.join(' ')
end
UNSUPPORTED_ELEMENTS_TRANSFORMER = lambda do |env|
return unless %w(h1 h2 h3 h4 h5 h6 blockquote pre ul ol li).include?(env[:node_name])
case env[:node_name]
when 'li'
env[:node].traverse do |node|
node.add_next_sibling('<br>') if node.next_sibling
node.replace(node.children) unless node.text?
end
else
env[:node].name = 'p'
end
end
MASTODON_STRICT ||= freeze_config(
elements: %w(p br span a),
@ -40,6 +54,7 @@ class Sanitize
transformers: [
CLASS_WHITELIST_TRANSFORMER,
UNSUPPORTED_ELEMENTS_TRANSFORMER,
]
)

@ -0,0 +1,26 @@
# frozen_string_literal: true
require 'rails_helper'
require Rails.root.join('app', 'lib', 'sanitize_config.rb')
describe Sanitize::Config do
describe '::MASTODON_STRICT' do
subject { Sanitize::Config::MASTODON_STRICT }
it 'converts h1 to p' do
expect(Sanitize.fragment('<h1>Foo</h1>', subject)).to eq '<p>Foo</p>'
end
it 'converts ul to p' do
expect(Sanitize.fragment('<p>Check out:</p><ul><li>Foo</li><li>Bar</li></ul>', subject)).to eq '<p>Check out:</p><p>Foo<br>Bar</p>'
end
it 'converts p inside ul' do
expect(Sanitize.fragment('<ul><li><p>Foo</p><p>Bar</p></li><li>Baz</li></ul>', subject)).to eq '<p>Foo<br>Bar<br>Baz</p>'
end
it 'converts ul inside ul' do
expect(Sanitize.fragment('<ul><li>Foo</li><li><ul><li>Bar</li><li>Baz</li></ul></li></ul>', subject)).to eq '<p>Foo<br>Bar<br>Baz</p>'
end
end
end
Loading…
Cancel
Save