Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FEATURE: used strict sanitizer by default 

This amends it so sanitize always uses the most strict sanitizer
by default, if it needs to be "widened" to use more options then
you need to pass it more options.
This commit is contained in:
Sam 2017-06-26 11:27:30 -04:00
parent ecec23fae4
commit 81eb3218b2
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/assets/javascripts/discourse/lib/text.js.es6
View File

@ -33,8 +33,8 @@ export function cookAsync(text, options) {
}
export function sanitize(text) {
return textSanitize(text, new WhiteLister(getOpts()));
export function sanitize(text, options) {
return textSanitize(text, new WhiteLister(options));
}
function emojiOptions() {

8
app/assets/javascripts/pretty-text/white-lister.js.es6
View File

@ -14,12 +14,18 @@ function concatUniq(src, elems) {
export default class WhiteLister {
constructor(options) {
options = options || {
features: {
default: true
}
};
options.features.default = true;
this._featureKeys = Object.keys(options.features).filter(f => options.features[f]);
this._key = this._featureKeys.join(':');
this._features = options.features;
this._options = options||{};
this._options = {};
}
getCustom() {