Archives/lemmy
2
0
Fork 0
mirror of https://github.com/LemmyNet/lemmy synced 2024-11-05 06:00:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix sanitize_html whitespaces (#3829)

Browse Source
This commit is contained in:
maxime.io 2023-08-07 14:22:52 +02:00 committed by GitHub
parent bed9474cf0
commit d81fb987aa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
crates/api_common/src/utils.rs
View File

@ -797,12 +797,14 @@ pub fn generate_moderators_url(community_id: &DbUrl) -> Result<DbUrl, LemmyError
/// Sanitize HTML with default options. Additionally, dont allow bypassing markdown /// Sanitize HTML with default options. Additionally, dont allow bypassing markdown
/// links and images /// links and images
pub fn sanitize_html(data: &str) -> String { pub fn sanitize_html(data: &str) -> String {
let sanitized = ammonia::Builder::default() ammonia::Builder::default()
.rm_tags(&["a", "img"]) .rm_tags(&["a", "img"])
.clean(data) .clean(data)
.to_string(); .to_string()
// restore markdown quotes // restore markdown quotes
sanitized.replace("&gt;", ">") .replace("&gt;", ">")
// restore white space
.replace("&nbsp;", " ")
} }
pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> { pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> {
@ -839,5 +841,7 @@ mod tests {
assert_eq!(sanitized, " hello"); assert_eq!(sanitized, " hello");
let sanitized = sanitize_html("<img src='http://example.com'> test"); let sanitized = sanitize_html("<img src='http://example.com'> test");
assert_eq!(sanitized, " test"); assert_eq!(sanitized, " test");
let sanitized = sanitize_html("Hello&nbsp;World");
assert_eq!(sanitized, "Hello World");
} }
} }