Revert "Merge branch 'feature/rich-text' into 'develop'"

This reverts merge request !309

Revert "Merge branch 'feature/rich-text' into 'develop'"
This reverts merge request !309
58539e13 · lain · 340ab3cb · 58539e13 · 58539e13 · 58539e13
Commit 58539e13 authored Aug 31, 2018 by lain
7 changed files
--- a/lib/pleroma/formatter.ex
+++ b/lib/pleroma/formatter.ex
@@ -188,11 +188,7 @@ def get_custom_emoji() do
  ]

  # TODO: make it use something other than @link_regex
-  def html_escape(text, "text/html") do
-    HtmlSanitizeEx.basic_html(text)
-  end
-
-  def html_escape(text, "text/plain") do
+  def html_escape(text) do
    Regex.split(@link_regex, text, include_captures: true)
    |> Enum.map_every(2, fn chunk ->
      {:safe, part} = Phoenix.HTML.html_escape(chunk)

--- a/lib/pleroma/web/common_api/common_api.ex
+++ b/lib/pleroma/web/common_api/common_api.ex
@@ -85,14 +85,7 @@ def post(user, %{"status" => status} = data) do
         {to, cc} <- to_for_user_and_mentions(user, mentions, inReplyTo, visibility),
         tags <- Formatter.parse_tags(status, data),
         content_html <-
-           make_content_html(
-             status,
-             mentions,
-             attachments,
-             tags,
-             data["content_type"] || "text/plain",
-             data["no_attachment_links"]
-           ),
+           make_content_html(status, mentions, attachments, tags, data["no_attachment_links"]),
         context <- make_context(inReplyTo),
         cw <- data["spoiler_text"],
         object <-

--- a/lib/pleroma/web/common_api/utils.ex
+++ b/lib/pleroma/web/common_api/utils.ex
@@ -63,16 +63,9 @@ def to_for_user_and_mentions(_user, mentions, inReplyTo, "direct") do
    end
  end

-  def make_content_html(
-        status,
-        mentions,
-        attachments,
-        tags,
-        content_type,
-        no_attachment_links \\ false
-      ) do
+  def make_content_html(status, mentions, attachments, tags, no_attachment_links \\ false) do
    status
-    |> format_input(mentions, tags, content_type)
+    |> format_input(mentions, tags)
    |> maybe_add_attachments(attachments, no_attachment_links)
  end

@@ -99,9 +92,9 @@ def add_attachments(text, attachments) do
    Enum.join([text | attachment_text], "<br>")
  end

-  def format_input(text, mentions, tags, "text/plain") do
+  def format_input(text, mentions, tags) do
    text
-    |> Formatter.html_escape("text/plain")
+    |> Formatter.html_escape()
    |> String.replace(~r/\r?\n/, "<br>")
    |> (&{[], &1}).()
    |> Formatter.add_links()
@@ -110,25 +103,6 @@ def format_input(text, mentions, tags, "text/plain") do
    |> Formatter.finalize()
  end

-  def format_input(text, mentions, tags, "text/html") do
-    text
-    |> Formatter.html_escape("text/html")
-    |> String.replace(~r/\r?\n/, "<br>")
-    |> (&{[], &1}).()
-    |> Formatter.add_user_links(mentions)
-    |> Formatter.finalize()
-  end
-
-  def format_input(text, mentions, tags, "text/markdown") do
-    text
-    |> Earmark.as_html!()
-    |> Formatter.html_escape("text/html")
-    |> String.replace(~r/\r?\n/, "")
-    |> (&{[], &1}).()
-    |> Formatter.add_user_links(mentions)
-    |> Formatter.finalize()
-  end
-
  def add_tag_links(text, tags) do
    tags =
      tags

--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -423,7 +423,7 @@ def update_profile(%{assigns: %{user: user}} = conn, params) do
            {String.trim(name, ":"), url}
          end)

-        bio_html = CommonUtils.format_input(bio, mentions, tags, "text/plain")
+        bio_html = CommonUtils.format_input(bio, mentions, tags)
        Map.put(params, "bio", bio_html |> Formatter.emojify(emoji))
      else
        params

--- a/mix.exs
+++ b/mix.exs
@@ -48,7 +48,6 @@ defp deps do
      {:mogrify, "~> 0.6.1"},
      {:ex_aws, "~> 2.0"},
      {:ex_aws_s3, "~> 2.0"},
-      {:earmark, "~> 1.2"},
      {:ex_machina, "~> 2.2", only: :test},
      {:credo, "~> 0.9.3", only: [:dev, :test]},
      {:mock, "~> 0.3.1", only: :test}

--- a/mix.lock
+++ b/mix.lock
@@ -10,7 +10,6 @@
  "credo": {:hex, :credo, "0.9.3", "76fa3e9e497ab282e0cf64b98a624aa11da702854c52c82db1bf24e54ab7c97a", [:mix], [{:bunt, "~> 0.2.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:poison, ">= 0.0.0", [hex: :poison, repo: "hexpm", optional: false]}], "hexpm"},
  "db_connection": {:hex, :db_connection, "1.1.3", "89b30ca1ef0a3b469b1c779579590688561d586694a3ce8792985d4d7e575a61", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}, {:poolboy, "~> 1.5", [hex: :poolboy, repo: "hexpm", optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, repo: "hexpm", optional: true]}], "hexpm"},
  "decimal": {:hex, :decimal, "1.5.0", "b0433a36d0e2430e3d50291b1c65f53c37d56f83665b43d79963684865beab68", [:mix], [], "hexpm"},
-  "earmark": {:hex, :earmark, "1.2.6", "b6da42b3831458d3ecc57314dff3051b080b9b2be88c2e5aa41cd642a5b044ed", [:mix], [], "hexpm"},
  "ecto": {:hex, :ecto, "2.2.10", "e7366dc82f48f8dd78fcbf3ab50985ceeb11cb3dc93435147c6e13f2cda0992e", [:mix], [{:db_connection, "~> 1.1", [hex: :db_connection, repo: "hexpm", optional: true]}, {:decimal, "~> 1.2", [hex: :decimal, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.8.0", [hex: :mariaex, repo: "hexpm", optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, repo: "hexpm", optional: true]}, {:poolboy, "~> 1.5", [hex: :poolboy, repo: "hexpm", optional: false]}, {:postgrex, "~> 0.13.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, repo: "hexpm", optional: true]}], "hexpm"},
  "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"},
  "ex_aws": {:hex, :ex_aws, "2.1.0", "b92651527d6c09c479f9013caa9c7331f19cba38a650590d82ebf2c6c16a1d8a", [:mix], [{:configparser_ex, "~> 2.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "1.6.3 or 1.6.5 or 1.7.1 or 1.8.6 or ~> 1.9", [hex: :hackney, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8", [hex: :jsx, repo: "hexpm", optional: true]}, {:poison, ">= 1.2.0", [hex: :poison, repo: "hexpm", optional: true]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:xml_builder, "~> 0.1.0", [hex: :xml_builder, repo: "hexpm", optional: true]}], "hexpm"},

--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@@ -21,36 +21,4 @@ test "it adds emoji when updating profiles" do

    assert karjalanpiirakka["name"] == ":karjalanpiirakka:"
  end
-
-  describe "posting" do
-    test "it filters out obviously bad tags when accepting a post as HTML" do
-      user = insert(:user)
-
-      post = "<h1>2hu</h1><script>alert('xss')</script>"
-
-      {:ok, activity} =
-        CommonAPI.post(user, %{
-          "status" => post,
-          "content_type" => "text/html"
-        })
-
-      content = activity.data["object"]["content"]
-      assert content == "<h1>2hu</h1>alert('xss')"
-    end
-
-    test "it filters out obviously bad tags when accepting a post as Markdown" do
-      user = insert(:user)
-
-      post = "<h1>2hu</h1><script>alert('xss')</script>"
-
-      {:ok, activity} =
-        CommonAPI.post(user, %{
-          "status" => post,
-          "content_type" => "text/markdown"
-        })
-
-      content = activity.data["object"]["content"]
-      assert content == "<h1>2hu</h1>alert('xss')"
-    end
-  end
 end