0
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-27 21:38:56 +01:00
gitea/modules/markup/sanitizer_description.go
Giteabot b6280f4d21
Split sanitizer functions and fine-tune some tests (#31192) (#31200)
Backport #31192 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-31 13:54:14 +00:00

38 lines
999 B
Go

// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package markup
import (
"regexp"
"github.com/microcosm-cc/bluemonday"
)
// createRepoDescriptionPolicy returns a minimal more strict policy that is used for
// repository descriptions.
func (st *Sanitizer) createRepoDescriptionPolicy() *bluemonday.Policy {
policy := bluemonday.NewPolicy()
policy.AllowStandardURLs()
// Allow italics and bold.
policy.AllowElements("i", "b", "em", "strong")
// Allow code.
policy.AllowElements("code")
// Allow links
policy.AllowAttrs("href", "target", "rel").OnElements("a")
// Allow classes for emojis
policy.AllowAttrs("class").Matching(regexp.MustCompile(`^emoji$`)).OnElements("img", "span")
policy.AllowAttrs("aria-label").OnElements("span")
return policy
}
// SanitizeDescription sanitizes the HTML generated for a repository description.
func SanitizeDescription(s string) string {
return GetDefaultSanitizer().descriptionPolicy.Sanitize(s)
}