Thibaut Girka
c28f80802a
Add support for “start” and “reversed” attributes to ol element
...
Fixes #1367
2020-07-01 01:02:27 +02:00
Ben Lubar
0584eaeaa1
Fix exception when trying to serialize posts with <a> tags in them without hrefs ( #1334 )
...
* fix exception when trying to serialize posts with <a> tags in them without hrefs
* Add tests
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-05-28 12:47:40 +02:00
Thibaut Girka
6b5c7ee662
Make sanitizer *not* add no-referrer etc. in local markdown toots if the link is “safe”
2020-03-24 12:07:47 +01:00
Thibaut Girka
909b2257ab
Fix glitch-soc marking every link in toots as a tag
...
Fixes #1281
2020-03-24 12:07:47 +01:00
Thibaut Girka
da4e91ad73
Fix tests
...
Well, kinda, it's actually a bug from glitch-soc, but we will have to address it separately.
2020-02-09 12:32:33 +01:00
Thibaut Girka
b89d5a7408
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `Gemfile.lock`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `app/lib/sanitize_config.rb`:
Upstream added better unsupported link stripping,
while we had different sanitizing configs.
Took only upstream's link stripping code.
- `config/locales/simple_form.pl.yml`:
Strings unused in glitch-soc had been removed from
glitch-soc, reintroduced them even if they are not
useful, to reduce the risk of later merge conflicts.
2020-02-09 12:15:55 +01:00
Eugen Rochko
4cf2ddc5df
Fix rendering <a>
without href
when scheme unsupported ( #13040 )
...
- Disallow links with relative paths
- Disallow iframes with non-http protocols and relative paths
Close #13037
2020-02-08 21:22:38 +01:00
BSKY
483cf4d52a
Add noopener and/or noreferrer ( #12202 )
2019-10-24 22:44:42 +02:00
ThibG
773130d51a
Fix sanitizing lists contents ( #11354 )
...
* Add test
* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
Thibaut Girka
22439f9ded
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/lib/sanitize_config.rb
Keep our version, we support the tags upstream transforms.
- package.json
- yarn.lock
2019-06-19 18:36:16 +02:00
Eugen Rochko
ffbca47356
Fix sanitizer making block level elements unreadable ( #10836 )
...
Fix #10834
2019-06-16 21:46:36 +02:00