OEmbed support for PreviewCard (#2337)

* OEmbed support for PreviewCard * Improve ProviderDiscovery code failure treatment * Do not crawl links if there is a content warning, since those don't display a link card anyway * Reset db schema * Fresh migrate * Fix rubocop style issues Fix #1681 - return existing access token when applicable instead of creating new * Fix test * Extract http client to helper * Improve oembed controller
2017-04-27 14:42:22 +02:00 · 2017-04-27 14:42:22 +02:00 · 88725d6ce8
commit 88725d6ce8
parent be0a01145b
22 changed files with 278 additions and 36 deletions
--- a/app/lib/formatter.rb
+++ b/app/lib/formatter.rb
@ -1,13 +1,13 @@
 # frozen_string_literal: true

 require 'singleton'
+require_relative './sanitize_config'

 class Formatter
  include Singleton
  include RoutingHelper

  include ActionView::Helpers::TextHelper
-  include ActionView::Helpers::SanitizeHelper

  def format(status)
    return reformat(status.content) unless status.local?
@ -23,7 +23,7 @@ class Formatter
  end

  def reformat(html)
-    sanitize(html, tags: %w(a br p span), attributes: %w(href rel class))
+    sanitize(html, Sanitize::Config::MASTODON_STRICT)
  end

  def plaintext(status)
@ -43,6 +43,10 @@ class Formatter
    html.html_safe # rubocop:disable Rails/OutputSafety
  end

+  def sanitize(html, config)
+    Sanitize.fragment(html, config)
+  end
+
  private

  def encode(html)