Thibaut Girka
f186e0c91c
Add support for “start” and “reversed” attributes to ol element
...
Fixes #1367
2020-07-01 01:02:27 +02:00
Ben Lubar
ead09f5ddc
Fix exception when trying to serialize posts with <a> tags in them without hrefs ( #1334 )
...
* fix exception when trying to serialize posts with <a> tags in them without hrefs
* Add tests
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-05-28 12:47:40 +02:00
Thibaut Girka
02f1c04fab
Make sanitizer *not* add no-referrer etc. in local markdown toots if the link is “safe”
2020-03-24 12:07:47 +01:00
Thibaut Girka
2c510ee00a
Fix glitch-soc marking every link in toots as a tag
...
Fixes #1281
2020-03-24 12:07:47 +01:00
Thibaut Girka
432033743c
Fix tests
...
Well, kinda, it's actually a bug from glitch-soc, but we will have to address it separately.
2020-02-09 12:32:33 +01:00
Thibaut Girka
dae5e446fe
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `Gemfile.lock`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `app/lib/sanitize_config.rb`:
Upstream added better unsupported link stripping,
while we had different sanitizing configs.
Took only upstream's link stripping code.
- `config/locales/simple_form.pl.yml`:
Strings unused in glitch-soc had been removed from
glitch-soc, reintroduced them even if they are not
useful, to reduce the risk of later merge conflicts.
2020-02-09 12:15:55 +01:00
Eugen Rochko
b1349342d2
Fix rendering `<a>` without `href` when scheme unsupported ( #13040 )
...
- Disallow links with relative paths
- Disallow iframes with non-http protocols and relative paths
Close #13037
2020-02-08 21:22:38 +01:00
BSKY
fccf83e1f2
Add noopener and/or noreferrer ( #12202 )
2019-10-24 22:44:42 +02:00
ThibG
fda437a020
Fix sanitizing lists contents ( #11354 )
...
* Add test
* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
Thibaut Girka
356e9150df
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/lib/sanitize_config.rb
Keep our version, we support the tags upstream transforms.
- package.json
- yarn.lock
2019-06-19 18:36:16 +02:00
Eugen Rochko
103a9f4466
Fix sanitizer making block level elements unreadable ( #10836 )
...
Fix #10834
2019-06-16 21:46:36 +02:00