Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/lib/pretty_text.rb

451 lines
13 KiB
Ruby
Raw Normal View History

FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
require 'mini_racer'
Initial release of Discourse
2013-02-05 14:16:51 -05:00
require 'nokogiri'
FIX: use CDN for user card/profile background and user avatars (for real this time)
2015-01-29 16:53:48 -05:00
require_dependency 'url_helper'
refactor
2013-05-27 19:48:47 -04:00
require_dependency 'excerpt_parser'
FIX: don't load post.rb a second time in dev env
2013-10-15 18:33:06 -04:00
require_dependency 'post'
FIX: Post does not save if it contains a tag link
2016-05-01 21:36:09 -04:00
require_dependency 'discourse_tagging'
Initial release of Discourse
2013-02-05 14:16:51 -05:00
module PrettyText
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
module Helpers
extend self
fix failing server side quote localisation change
2013-07-16 03:48:48 -04:00
def t(key, opts)
Fix pretty_text translation helper again, this time for real
2014-10-02 12:19:01 -04:00
key = "js." + key
unless opts
FIX: auto-load all plugin locales so that they can be used in PrettyText
2015-04-09 11:04:14 -04:00
I18n.t(key)
Fix pretty_text translation helper again, this time for real
2014-10-02 12:19:01 -04:00
else
str = I18n.t(key, Hash[opts.entries].symbolize_keys).dup
FIX: auto-load all plugin locales so that they can be used in PrettyText
2015-04-09 11:04:14 -04:00
opts.each { |k,v| str.gsub!("{{#{k.to_s}}}", v.to_s) }
str
fix failing server side quote localisation change
2013-07-16 03:48:48 -04:00
end
end
FIX: Quoting an avatar when `default_avatars` was set was broken.
2015-03-12 15:51:28 -04:00
# functions here are available to v8
Initial release of Discourse
2013-02-05 14:16:51 -05:00
def avatar_template(username)
return "" unless username
Perform the where(...).first to find_by(...) refactoring. This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 09:41:59 -04:00
user = User.find_by(username_lower: username.downcase)
FIX: use CDN for user card/profile background and user avatars (for real this time)
2015-01-29 16:53:48 -05:00
return "" unless user.present?
FIX: Quoting an avatar when `default_avatars` was set was broken.
2015-03-12 15:51:28 -04:00
# TODO: Add support for ES6 and call `avatar-template` directly
FIX: `default_avatars` wasn't being used for some server side templates
2015-06-26 13:37:50 -04:00
if !user.uploaded_avatar_id
avatar_template = User.default_template(username)
FIX: Quoting an avatar when `default_avatars` was set was broken.
2015-03-12 15:51:28 -04:00
else
avatar_template = user.avatar_template
end
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
UrlHelper.schemaless UrlHelper.absolute avatar_template
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
FEATURE: first class group mentions built in If you allow a group to be mentioned it can be mentioned with the @ symbol. Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 01:03:47 -05:00
def mention_lookup(username)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
return false unless username
FEATURE: first class group mentions built in If you allow a group to be mentioned it can be mentioned with the @ symbol. Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 01:03:47 -05:00
if Group.exec_sql('SELECT 1 FROM groups WHERE name = ?', username).values.length == 1
"group"
else
username = username.downcase
if User.exec_sql('SELECT 1 FROM users WHERE username_lower = ?', username).values.length == 1
"user"
else
nil
end
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
FEATURE: add title expansion for off topic quotes
2015-09-24 23:35:14 -04:00
FEATURE: Autolinking to category using hashtags.
2015-12-28 01:28:16 -05:00
def category_hashtag_lookup(category_slug)
FIX: Clashing category slug.
2016-01-12 03:40:36 -05:00
if category = Category.query_from_hashtag_slug(category_slug)
FIX: should have been 'category_slug'
2016-02-11 10:04:40 -05:00
[category.url_with_id, category_slug]
FEATURE: Autolinking to category using hashtags.
2015-12-28 01:28:16 -05:00
else
nil
end
end
FEATURE: add title expansion for off topic quotes
2015-09-24 23:35:14 -04:00
def get_topic_info(topic_id)
return unless Fixnum === topic_id
# TODO this only handles public topics, secured one do not get this
topic = Topic.find_by(id: topic_id)
if topic && Guardian.new.can_see?(topic)
{
title: topic.title,
href: topic.url
}
end
end
FEATURE: Merge tagging plugin into core
2016-04-25 15:55:15 -04:00
def category_tag_hashtag_lookup(text)
tag_postfix = '::tag'
is_tag = text =~ /#{tag_postfix}$/
if !is_tag && category = Category.query_from_hashtag_slug(text)
[category.url_with_id, text]
Use db schema for tags instead of plugin store and custom fields
2016-05-04 14:02:47 -04:00
elsif is_tag && tag = Tag.find_by_name(text.gsub!("#{tag_postfix}", ''))
["#{Discourse.base_url}/tags/#{tag.name}", text]
FEATURE: Merge tagging plugin into core
2016-04-25 15:55:15 -04:00
else
nil
end
end
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
@mutex = Mutex.new
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
@ctx_init = Mutex.new
Initial release of Discourse
2013-02-05 14:16:51 -05:00
def self.app_root
Rails.root
end
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
def self.create_new_context
increase transpiler timeout to 15 sec
2016-04-21 19:52:12 -04:00
# timeout any eval that takes longer than 15 seconds
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
ctx = MiniRacer::Context.new(timeout: 15000)
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
Helpers.instance_methods.each do |method|
ctx.attach("helpers.#{method}", Helpers.method(method))
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
ctx_load(ctx,
we still need md5
2016-02-05 09:27:24 -05:00
"vendor/assets/javascripts/md5.js",
FEATURE: support email attachments
2014-04-14 16:55:57 -04:00
"vendor/assets/javascripts/lodash.js",
"vendor/assets/javascripts/Markdown.Converter.js",
"lib/headless-ember.js",
"vendor/assets/javascripts/rsvp.js",
Rails.configuration.ember.handlebars_location
)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
BUGFIX: redis-rails has always been a problem child implemented an ActiveSupport::Cache::Store for our internal use. * allows for expire by family * works correctly in multisite * namespaced correctly Removed redis-rails from the project, no longer needed
2014-01-06 00:50:04 -05:00
ctx.eval("var Discourse = {}; Discourse.SiteSettings = {};")
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
ctx.eval("var window = {}; window.devicePixelRatio = 2;") # hack to make code think stuff is retina
ctx.eval("var I18n = {}; I18n.t = function(a,b){ return helpers.t(a,b); }");
Initial release of Discourse
2013-02-05 14:16:51 -05:00
FIX: Quoting an avatar when `default_avatars` was set was broken.
2015-03-12 15:51:28 -04:00
ctx.eval("var modules = {};")
FIX: Make `getURL` available to plugins while they are starting up in a similar load order to the client app.
2013-08-29 13:11:12 -04:00
decorate_context(ctx)
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
ctx_load(ctx,
FEATURE: support email attachments
2014-04-14 16:55:57 -04:00
"vendor/assets/javascripts/better_markdown.js",
"app/assets/javascripts/defer/html-sanitizer-bundle.js",
SECURITY: Backported XSS fixes from Handlebars
2015-11-24 16:07:47 -05:00
"app/assets/javascripts/discourse/lib/utilities.js",
FEATURE: support email attachments
2014-04-14 16:55:57 -04:00
"app/assets/javascripts/discourse/dialects/dialect.js",
Extract logic for censored-words so that it can be reused.
2015-08-25 10:25:37 -04:00
"app/assets/javascripts/discourse/lib/censored-words.js",
FIX: Quoting an avatar when `default_avatars` was set was broken.
2015-03-12 15:51:28 -04:00
"app/assets/javascripts/discourse/lib/markdown.js",
FEATURE: support email attachments
2014-04-14 16:55:57 -04:00
)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
FIX: Loading of Emoji files depended on working directory The importer scripts could not be used unless the working directory was the Discourse root directory.
2015-01-23 18:07:39 -05:00
Dir["#{app_root}/app/assets/javascripts/discourse/dialects/**.js"].sort.each do |dialect|
FIX: adding a custom emoji needed an application restart to work on the server-side rendering
2015-01-29 11:35:52 -05:00
ctx.load(dialect) unless dialect =~ /\/dialect\.js$/
Replace Markdown parser.
2013-08-08 18:14:12 -04:00
end
FIX: adding a custom emoji needed an application restart to work on the server-side rendering
2015-01-29 11:35:52 -05:00
# emojis
FIX: Loading of Emoji files depended on working directory The importer scripts could not be used unless the working directory was the Discourse root directory.
2015-01-23 18:07:39 -05:00
emoji = ERB.new(File.read("#{app_root}/app/assets/javascripts/discourse/lib/emoji/emoji.js.erb"))
FIX: load custom emoji API before the plugins
2014-12-23 05:06:55 -05:00
ctx.eval(emoji.result)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
# Load server side javascripts
if DiscoursePluginRegistry.server_side_javascripts.present?
DiscoursePluginRegistry.server_side_javascripts.each do |ssjs|
relocate emoji plugin, stop pre-compiling assets
2013-11-19 22:38:21 -05:00
if(ssjs =~ /\.erb/)
erb = ERB.new(File.read(ssjs))
erb.filename = ssjs
ctx.eval(erb.result)
else
ctx.load(ssjs)
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
end
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
ctx
end
def self.v8
return @ctx if @ctx
# ensure we only init one of these
@ctx_init.synchronize do
return @ctx if @ctx
@ctx = create_new_context
end
FEATURE: support email attachments
2014-04-14 16:55:57 -04:00
Initial release of Discourse
2013-02-05 14:16:51 -05:00
@ctx
end
FEATURE: attempt to recover from corrupt markdown engine
2014-11-14 01:51:04 -05:00
def self.reset_context
@ctx_init.synchronize do
@ctx = nil
end
end
FIX: Make `getURL` available to plugins while they are starting up in a similar load order to the client app.
2013-08-29 13:11:12 -04:00
def self.decorate_context(context)
context.eval("Discourse.CDN = '#{Rails.configuration.action_controller.asset_host}';")
keep pretty_text in sync with client code
2015-07-15 18:01:00 -04:00
context.eval("Discourse.BaseUrl = '#{RailsMultisite::ConnectionManagement.current_hostname}'.replace(/:[\d]*$/,'');")
FIX: Discourse.BaseUri should not default to /
2015-09-06 23:20:59 -04:00
context.eval("Discourse.BaseUri = '#{Discourse::base_uri}';")
keep pretty_text in sync with client code
2015-07-15 18:01:00 -04:00
context.eval("Discourse.SiteSettings = #{SiteSetting.client_settings_json};")
context.eval("Discourse.getURL = function(url) {
if (!url) return url;
if (!/^\\/[^\\/]/.test(url)) return url;
var u = (Discourse.BaseUri === undefined ? '/' : Discourse.BaseUri);
if (u[u.length-1] === '/') u = u.substring(0, u.length-1);
if (url.indexOf(u) !== -1) return url;
if (u.length > 0 && url[0] !== '/') url = '/' + url;
return u + url;
};")
context.eval("Discourse.getURLWithCDN = function(url) {
url = this.getURL(url);
if (Discourse.CDN && /^\\/[^\\/]/.test(url)) {
url = Discourse.CDN + url;
} else if (Discourse.S3CDN) {
url = url.replace(Discourse.S3BaseUrl, Discourse.S3CDN);
}
return url;
};")
FIX: Make `getURL` available to plugins while they are starting up in a similar load order to the client app.
2013-08-29 13:11:12 -04:00
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
def self.markdown(text, opts=nil)
# we use the exact same markdown converter as the client
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
# TODO: use the same extensions on both client and server (in particular the template for mentions)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
baked = nil
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
text = text || ""
Initial release of Discourse
2013-02-05 14:16:51 -05:00
BUGFIX: JS errors could crash our process
2014-02-03 19:12:53 -05:00
protect do
avoid calling v8 multiple times ( makes certain testing simpler)
2013-08-15 23:03:47 -04:00
context = v8
Initial release of Discourse
2013-02-05 14:16:51 -05:00
# we need to do this to work in a multi site environment, many sites, many settings
FIX: Make `getURL` available to plugins while they are starting up in a similar load order to the client app.
2013-08-29 13:11:12 -04:00
decorate_context(context)
Upgraded and refactored Sanitizing. Much less crap should get through now! Conflicts: app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-11 16:24:27 -04:00
context_opts = opts || {}
FIX: Don't sanitize `header_instructions`
2015-12-10 18:14:51 -05:00
context_opts[:sanitize] = true unless context_opts[:sanitize] == false
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
context.eval("opts = #{context_opts.to_json};")
context.eval("raw = #{text.inspect};")
Upgraded and refactored Sanitizing. Much less crap should get through now! Conflicts: app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-11 16:24:27 -04:00
if Post.white_listed_image_classes.present?
Post.white_listed_image_classes.each do |klass|
context.eval("Discourse.Markdown.whiteListClass('#{klass}')")
end
end
FIX: Don't substitute emojis within code blocks
2016-03-02 14:31:32 -05:00
if SiteSetting.enable_emoji?
context.eval("Discourse.Dialect.setUnicodeReplacements(#{Emoji.unicode_replacements_json})");
else
context.eval("Discourse.Dialect.setUnicodeReplacements(null)");
end
FIX: prevent cross-contamination of emojis in multisites
2015-10-30 18:26:34 -04:00
# reset emojis (v8 context is shared amongst multisites)
FIX: better plugin emojis API
2015-11-06 09:02:40 -05:00
context.eval("Discourse.Dialect.resetEmojis();")
FIX: adding a custom emoji needed an application restart to work on the server-side rendering
2015-01-29 11:35:52 -05:00
# custom emojis
Emoji.custom.each do |emoji|
context.eval("Discourse.Dialect.registerEmoji('#{emoji.name}', '#{emoji.url}');")
end
FIX: better plugin emojis API
2015-11-06 09:02:40 -05:00
# plugin emojis
context.eval("Discourse.Emoji.applyCustomEmojis();")
FIX: adding a custom emoji needed an application restart to work on the server-side rendering
2015-01-29 11:35:52 -05:00
FEATURE: first class group mentions built in If you allow a group to be mentioned it can be mentioned with the @ symbol. Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 01:03:47 -05:00
context.eval('opts["mentionLookup"] = function(u){return helpers.mention_lookup(u);}')
FEATURE: Autolinking to category using hashtags.
2015-12-28 01:28:16 -05:00
context.eval('opts["categoryHashtagLookup"] = function(c){return helpers.category_hashtag_lookup(c);}')
avoid calling v8 multiple times ( makes certain testing simpler)
2013-08-15 23:03:47 -04:00
context.eval('opts["lookupAvatar"] = function(p){return Discourse.Utilities.avatarImg({size: "tiny", avatarTemplate: helpers.avatar_template(p)});}')
FEATURE: add title expansion for off topic quotes
2015-09-24 23:35:14 -04:00
context.eval('opts["getTopicInfo"] = function(i){return helpers.get_topic_info(i)};')
no need to use discourse event here
2016-05-01 22:01:15 -04:00
context.eval('opts["categoryHashtagLookup"] = function(c){return helpers.category_tag_hashtag_lookup(c);}')
FEATURE: DiscourseEvent hook for server side markdown context.
2016-01-29 09:59:15 -05:00
DiscourseEvent.trigger(:markdown_context, context)
avoid calling v8 multiple times ( makes certain testing simpler)
2013-08-15 23:03:47 -04:00
baked = context.eval('Discourse.Markdown.markdownConverter(opts).makeHtml(raw)')
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
FEATURE: attempt to recover from corrupt markdown engine
2014-11-14 01:51:04 -05:00
if baked.blank? && !(opts || {})[:skip_blank_test]
# we may have a js engine issue
test = markdown("a", skip_blank_test: true)
if test.blank?
Rails.logger.warn("Markdown engine appears to have crashed, resetting context")
reset_context
opts ||= {}
opts = opts.dup
opts[:skip_blank_test] = true
baked = markdown(text, opts)
end
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
baked
end
# leaving this here, cause it invokes v8, don't want to implement twice
custom avatar support
2013-08-13 16:08:29 -04:00
def self.avatar_img(avatar_template, size)
BUGFIX: JS errors could crash our process
2014-02-03 19:12:53 -05:00
protect do
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
v8.eval <<JS
avatarTemplate = #{avatar_template.inspect};
FIX: broken onebox avatar image
2016-05-25 22:24:55 -04:00
size = #{size.inspect};
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
JS
FIX: Make `getURL` available to plugins while they are starting up in a similar load order to the client app.
2013-08-29 13:11:12 -04:00
decorate_context(v8)
BUGFIX: JS errors could crash our process
2014-02-03 19:12:53 -05:00
v8.eval("Discourse.Utilities.avatarImg({ avatarTemplate: avatarTemplate, size: size });")
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
end
FIX: unescape emojis in digests
2015-10-15 03:59:29 -04:00
def self.unescape_emoji(title)
protect do
decorate_context(v8)
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
v8.eval("Discourse.Emoji.unescape(#{title.inspect})")
FIX: unescape emojis in digests
2015-10-15 03:59:29 -04:00
end
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
def self.cook(text, opts={})
- FEATURE: revamped poll plugin - add User.staff scope - inject MessageBus into Ember views (so it can be used by the poll plugin) - REFACTOR: use more accurate is_first_post? method instead of post_number == 1 - FEATURE: add support for JSON-typed custom fields - FEATURE: allow plugins to add validation - FEATURE: add post_custom_fields to PostSerializer - FEATURE: allow plugins to whitelist post_custom_fields - FIX: don't bump when post did not save successfully - FEATURE: polls are supported in any post - FEATURE: allow for multiple polls in the same post - FEATURE: multiple choice polls - FEATURE: rating polls - FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 13:33:29 -04:00
options = opts.dup
Initial release of Discourse
2013-02-05 14:16:51 -05:00
# we have a minor inconsistency
- FEATURE: revamped poll plugin - add User.staff scope - inject MessageBus into Ember views (so it can be used by the poll plugin) - REFACTOR: use more accurate is_first_post? method instead of post_number == 1 - FEATURE: add support for JSON-typed custom fields - FEATURE: allow plugins to add validation - FEATURE: add post_custom_fields to PostSerializer - FEATURE: allow plugins to whitelist post_custom_fields - FIX: don't bump when post did not save successfully - FEATURE: polls are supported in any post - FEATURE: allow for multiple polls in the same post - FEATURE: multiple choice polls - FEATURE: rating polls - FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 13:33:29 -04:00
options[:topicId] = opts[:topic_id]
PERF: Use a regexp for unicode replacements
2015-12-30 14:35:25 -05:00
working_text = text.dup
FEATURE: Perform a server side replacement of unicode emoji
2015-12-29 16:27:56 -05:00
sanitized = markdown(working_text, options)
FEATURE: allow users to pick a CDN for s3 assets
2015-05-25 21:13:12 -04:00
doc = Nokogiri::HTML.fragment(sanitized)
if !options[:omit_nofollow] && SiteSetting.add_rel_nofollow_to_user_content
add_rel_nofollow_to_user_content(doc)
end
FIX: S3 CDN wasn't applied to lightboxed images
2016-06-27 16:08:49 -04:00
if SiteSetting.enable_s3_uploads && SiteSetting.s3_cdn_url.present?
FEATURE: allow users to pick a CDN for s3 assets
2015-05-25 21:13:12 -04:00
add_s3_cdn(doc)
end
doc.to_html
end
def self.add_s3_cdn(doc)
doc.css("img").each do |img|
FIX: s3 cdn would break cooking if <img> tag had no src
2015-06-10 04:56:44 -04:00
next unless img["src"]
FEATURE: allow users to pick a CDN for s3 assets
2015-05-25 21:13:12 -04:00
img["src"] = img["src"].sub(Discourse.store.absolute_base_url, SiteSetting.s3_cdn_url)
end
rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default.
2013-02-10 19:43:07 -05:00
end
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
FEATURE: allow users to pick a CDN for s3 assets
2015-05-25 21:13:12 -04:00
def self.add_rel_nofollow_to_user_content(doc)
setting to exclude rel nofollow from particular domains
2013-02-11 02:58:19 -05:00
whitelist = []
formatting
2013-02-11 03:01:33 -05:00
relocate emoji plugin, stop pre-compiling assets
2013-11-19 22:38:21 -05:00
domains = SiteSetting.exclude_rel_nofollow_domains
Change comma-delim site settings to pipe-delim
2014-03-29 19:50:44 -04:00
whitelist = domains.split('|') if domains.present?
formatting
2013-02-11 03:01:33 -05:00
rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default.
2013-02-10 19:43:07 -05:00
site_uri = nil
doc.css("a").each do |l|
href = l["href"].to_s
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
begin
rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default.
2013-02-10 19:43:07 -05:00
uri = URI(href)
site_uri ||= URI(Discourse.base_url)
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
pull hotlinked images
2013-11-05 13:04:47 -05:00
if !uri.host.present? ||
FIX: no-follow not handled correctly for sub domains if a.com was whitelisted aa.com would pass through
2015-05-27 00:31:01 -04:00
uri.host == site_uri.host ||
uri.host.ends_with?("." << site_uri.host) ||
whitelist.any?{|u| uri.host == u || uri.host.ends_with?("." << u)}
rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default.
2013-02-10 19:43:07 -05:00
# we are good no need for nofollow
else
l["rel"] = "nofollow"
end
couple of bugfixes identified while importing from VB
2014-03-07 04:44:04 -05:00
rescue URI::InvalidURIError, URI::InvalidComponentError
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
# add a nofollow anyway
rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default.
2013-02-10 19:43:07 -05:00
l["rel"] = "nofollow"
end
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
FEATURE: First Quote badge
2014-07-11 00:17:01 -04:00
class DetectedLink
attr_accessor :is_quote, :url
def initialize(url, is_quote=false)
@url = url
@is_quote = is_quote
end
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
def self.extract_links(html)
links = []
FIX: Have onebox ignore internal links
2013-06-05 14:53:07 -04:00
doc = Nokogiri::HTML.fragment(html)
FIX: don't extract links from elided parts
2016-03-16 17:35:08 -04:00
# remove href inside quotes & elided part
doc.css("aside.quote a, .elided a").each { |l| l["href"] = "" }
FEATURE: First Quote badge
2014-07-11 00:17:01 -04:00
FIX: Have onebox ignore internal links
2013-06-05 14:53:07 -04:00
# extract all links from the post
FEATURE: First Quote badge
2014-07-11 00:17:01 -04:00
doc.css("a").each { |l|
FIX: don't extract links to anchors
2016-04-15 14:02:18 -04:00
unless l["href"].blank? || "#".freeze == l["href"][0]
FEATURE: First Quote badge
2014-07-11 00:17:01 -04:00
links << DetectedLink.new(l["href"])
end
}
FIX: Have onebox ignore internal links
2013-06-05 14:53:07 -04:00
# extract links to quotes
FIX: Don't extract links from empty quotes
2014-05-20 17:20:52 -04:00
doc.css("aside.quote[data-topic]").each do |a|
FIX: Have onebox ignore internal links
2013-06-05 14:53:07 -04:00
topic_id = a['data-topic']
remove trailing whitespaces :heart:
2013-02-25 11:42:20 -05:00
Fix bug where links to posts weren't being tracked
2013-02-13 15:22:04 -05:00
url = "/t/topic/#{topic_id}"
FIX: Have onebox ignore internal links
2013-06-05 14:53:07 -04:00
if post_number = a['data-post']
Fix bug where links to posts weren't being tracked
2013-02-13 15:22:04 -05:00
url << "/#{post_number}"
end
FEATURE: First Quote badge
2014-07-11 00:17:01 -04:00
links << DetectedLink.new(url, true)
Fix bug where links to posts weren't being tracked
2013-02-13 15:22:04 -05:00
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
links
end
refactor
2013-05-27 19:48:47 -04:00
def self.excerpt(html, max_length, options={})
FIX: remove meta data from lightbox in both excerpt (html & text)
2014-11-05 14:37:00 -05:00
# TODO: properly fix this HACK in ExcerptParser without introducing XSS
doc = Nokogiri::HTML.fragment(html)
strip_image_wrapping(doc)
html = doc.to_html
refactor
2013-05-27 19:48:47 -04:00
ExcerptParser.get_excerpt(html, max_length, options)
end
Initial release of Discourse
2013-02-05 14:16:51 -05:00
FIX: Strip links from google indexed bios when the users are new.
2013-06-05 15:28:10 -04:00
def self.strip_links(string)
return string if string.blank?
# If the user is not basic, strip links from their bio
fragment = Nokogiri::HTML.fragment(string)
SECURITY: Stripping links could unescape html fragments
2014-09-17 12:08:00 -04:00
fragment.css('a').each {|a| a.replace(a.inner_html) }
FIX: Strip links from google indexed bios when the users are new.
2013-06-05 15:28:10 -04:00
fragment.to_html
end
Apply notification styles to mailing list email manually (#4283) * Apply notification styles to mailing list email manually * Fix failing spec
2016-06-21 11:12:30 -04:00
# Given a Nokogiri doc, convert all links to absolute
def self.make_all_links_absolute(doc)
site_uri = nil
doc.css("a").each do |link|
href = link["href"].to_s
begin
uri = URI(href)
site_uri ||= URI(Discourse.base_url)
link["href"] = "#{site_uri}#{link['href']}" unless uri.host.present?
rescue URI::InvalidURIError, URI::InvalidComponentError
# leave it
end
end
end
FIX: Don't include image meta data when embedded in an email
2014-04-17 12:32:51 -04:00
def self.strip_image_wrapping(doc)
doc.css(".lightbox-wrapper .meta").remove
end
Apply notification styles to mailing list email manually (#4283) * Apply notification styles to mailing list email manually * Fix failing spec
2016-06-21 11:12:30 -04:00
def self.format_for_email(html, post = nil)
doc = Nokogiri::HTML.fragment(html)
DiscourseEvent.trigger(:reduce_cooked, doc, post)
strip_image_wrapping(doc)
make_all_links_absolute(doc)
doc.to_html
FIX: emails with embedded posts should always use absolute URLs
2013-11-28 15:57:21 -05:00
end
refactor
2013-05-27 19:48:47 -04:00
protected
Initial release of Discourse
2013-02-05 14:16:51 -05:00
BUGFIX: JS errors could crash our process
2014-02-03 19:12:53 -05:00
class JavaScriptError < StandardError
attr_accessor :message, :backtrace
def initialize(message, backtrace)
@message = message
@backtrace = backtrace
end
end
def self.protect
rval = nil
@mutex.synchronize do
FEATURE: upgrade from therubyracer to mini_racer This pushes our internal V8 JavaScript engine from Chrome 32 to 50. It also resolves some long standing issues we had with the old wrapper.
2016-05-19 08:25:08 -04:00
rval = yield
BUGFIX: JS errors could crash our process
2014-02-03 19:12:53 -05:00
end
rval
end
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
def self.ctx_load(ctx, *files)
refactor
2013-05-27 19:48:47 -04:00
files.each do |file|
Revert "Revert "eliminate a class of v8 initialization bugs due to concurrency in sidekiq"" This reverts commit f1a693c8b78c7367ea3a4e95d3c0bc922204545a.
2013-08-15 18:12:10 -04:00
ctx.load(app_root + file)
Initial release of Discourse
2013-02-05 14:16:51 -05:00
end
end
end