commit: 28812752918c59bedc3526c0a4ac7c490d1a5b22
parent: 8eed5938d5fb6cac9075d2b75b69d2c93316db01
Author: kaniini <nenolod@gmail.com>
Date: Sun, 16 Sep 2018 01:31:03 +0000
Merge branch 'feature/mrf-scrub' into 'develop'
MRF: html scrubbing filter
See merge request pleroma/pleroma!345
Diffstat:
3 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/config/config.exs b/config/config.exs
@@ -104,6 +104,8 @@ config :pleroma, :activitypub,
config :pleroma, :user, deny_follow_blocked: true
+config :pleroma, :mrf_normalize_markup, scrub_policy: Pleroma.HTML.Scrubber.Default
+
config :pleroma, :mrf_rejectnonpublic,
allow_followersonly: false,
allow_direct: false
diff --git a/lib/pleroma/html.ex b/lib/pleroma/html.ex
@@ -3,9 +3,13 @@ defmodule Pleroma.HTML do
@markup Application.get_env(:pleroma, :markup)
+ def filter_tags(html, scrubber) do
+ html |> Scrubber.scrub(scrubber)
+ end
+
def filter_tags(html) do
scrubber = Keyword.get(@markup, :scrub_policy)
- html |> Scrubber.scrub(scrubber)
+ filter_tags(html, scrubber)
end
def strip_tags(html) do
diff --git a/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex b/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex
@@ -0,0 +1,25 @@
+defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkup do
+ alias Pleroma.HTML
+
+ @behaviour Pleroma.Web.ActivityPub.MRF
+
+ @mrf_normalize_markup Application.get_env(:pleroma, :mrf_normalize_markup)
+
+ def filter(%{"type" => activity_type} = object) when activity_type == "Create" do
+ scrub_policy = Keyword.get(@mrf_normalize_markup, :scrub_policy)
+
+ child = object["object"]
+
+ content =
+ child["content"]
+ |> HTML.filter_tags(scrub_policy)
+
+ child = Map.put(child, "content", content)
+
+ object = Map.put(object, "object", child)
+
+ {:ok, object}
+ end
+
+ def filter(object), do: {:ok, object}
+end
