html.ex 6.78 KB
Newer Older
1
# Pleroma: A lightweight social networking server
kaniini's avatar
kaniini committed
2
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

5
6
7
defmodule Pleroma.HTML do
  alias HtmlSanitizeEx.Scrubber

Rin Toshaka's avatar
Rin Toshaka committed
8
9
10
11
12
13
14
15
16
17
  defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
  defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
  defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]

  def get_scrubbers() do
    Pleroma.Config.get([:markup, :scrub_policy])
    |> get_scrubbers
  end

  def filter_tags(html, nil) do
18
19
20
21
22
    filter_tags(html, get_scrubbers())
  end

  def filter_tags(html, scrubbers) when is_list(scrubbers) do
    Enum.reduce(scrubbers, html, fn scrubber, html ->
23
24
      filter_tags(html, scrubber)
    end)
25
26
  end

Maksim's avatar
Maksim committed
27
  def filter_tags(html, scrubber), do: Scrubber.scrub(html, scrubber)
28
  def filter_tags(html), do: filter_tags(html, nil)
Maksim's avatar
Maksim committed
29
  def strip_tags(html), do: Scrubber.scrub(html, Scrubber.StripTags)
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

  def get_cached_scrubbed_html_for_object(content, scrubbers, object) do
    key = "#{generate_scrubber_signature(scrubbers)}|#{object.id}"
    Cachex.fetch!(:scrubber_cache, key, fn _key -> ensure_scrubbed_html(content, scrubbers) end)
  end

  def get_cached_stripped_html_for_object(content, object) do
    get_cached_scrubbed_html_for_object(content, HtmlSanitizeEx.Scrubber.StripTags, object)
  end

  def ensure_scrubbed_html(
        content,
        scrubbers
      ) do
    {:commit, filter_tags(content, scrubbers)}
  end

  defp generate_scrubber_signature(scrubber) when is_atom(scrubber) do
    generate_scrubber_signature([scrubber])
  end

  defp generate_scrubber_signature(scrubbers) do
    Enum.reduce(scrubbers, "", fn scrubber, signature ->
      # If a scrubber does not have a version(e.g HtmlSanitizeEx.Scrubber.StripTags) it is assumed it is always 0)
      version =
        if Kernel.function_exported?(scrubber, :version, 0) do
          scrubber.version
        else
          0
        end

      "#{signature}#{to_string(scrubber)}#{version}"
    end)
  end
64
end
65
66
67
68
69
70
71

defmodule Pleroma.HTML.Scrubber.TwitterText do
  @moduledoc """
  An HTML scrubbing policy which limits to twitter-style text.  Only
  paragraphs, breaks and links are allowed through the filter.
  """

72
73
74
75
  @markup Application.get_env(:pleroma, :markup)
  @uri_schemes Application.get_env(:pleroma, :uri_schemes, [])
  @valid_schemes Keyword.get(@uri_schemes, :valid_schemes, [])

76
77
  require HtmlSanitizeEx.Scrubber.Meta
  alias HtmlSanitizeEx.Scrubber.Meta
78
79
80
81
82

  def version do
    0
  end

83
84
85
86
  Meta.remove_cdata_sections_before_scrub()
  Meta.strip_comments()

  # links
ValD's avatar
ValD committed
87
  Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
88
89
90
91
92
93
94
95
  Meta.allow_tag_with_these_attributes("a", ["name", "title"])

  # paragraphs and linebreaks
  Meta.allow_tag_with_these_attributes("br", [])
  Meta.allow_tag_with_these_attributes("p", [])

  # microformats
  Meta.allow_tag_with_these_attributes("span", [])
96
97
98
99
100

  # allow inline images for custom emoji
  @allow_inline_images Keyword.get(@markup, :allow_inline_images)

  if @allow_inline_images do
101
102
    # restrict img tags to http/https only, because of MediaProxy.
    Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
103
104
105
106
107
108
109
110

    Meta.allow_tag_with_these_attributes("img", [
      "width",
      "height",
      "title",
      "alt"
    ])
  end
111
112

  Meta.strip_everything_not_covered()
113
114
115
116
117
118
119
end

defmodule Pleroma.HTML.Scrubber.Default do
  @doc "The default HTML scrubbing policy: no "

  require HtmlSanitizeEx.Scrubber.Meta
  alias HtmlSanitizeEx.Scrubber.Meta
120
121
122
123
124

  def version do
    0
  end

125
126
127
128
  @markup Application.get_env(:pleroma, :markup)
  @uri_schemes Application.get_env(:pleroma, :uri_schemes, [])
  @valid_schemes Keyword.get(@uri_schemes, :valid_schemes, [])

129
130
131
  Meta.remove_cdata_sections_before_scrub()
  Meta.strip_comments()

ValD's avatar
ValD committed
132
  Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
133
134
  Meta.allow_tag_with_these_attributes("a", ["name", "title"])

scarlett's avatar
scarlett committed
135
136
  Meta.allow_tag_with_these_attributes("abbr", ["title"])

137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
  Meta.allow_tag_with_these_attributes("b", [])
  Meta.allow_tag_with_these_attributes("blockquote", [])
  Meta.allow_tag_with_these_attributes("br", [])
  Meta.allow_tag_with_these_attributes("code", [])
  Meta.allow_tag_with_these_attributes("del", [])
  Meta.allow_tag_with_these_attributes("em", [])
  Meta.allow_tag_with_these_attributes("i", [])
  Meta.allow_tag_with_these_attributes("li", [])
  Meta.allow_tag_with_these_attributes("ol", [])
  Meta.allow_tag_with_these_attributes("p", [])
  Meta.allow_tag_with_these_attributes("pre", [])
  Meta.allow_tag_with_these_attributes("span", [])
  Meta.allow_tag_with_these_attributes("strong", [])
  Meta.allow_tag_with_these_attributes("u", [])
  Meta.allow_tag_with_these_attributes("ul", [])

  @allow_inline_images Keyword.get(@markup, :allow_inline_images)

  if @allow_inline_images do
156
157
    # restrict img tags to http/https only, because of MediaProxy.
    Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195

    Meta.allow_tag_with_these_attributes("img", [
      "width",
      "height",
      "title",
      "alt"
    ])
  end

  @allow_tables Keyword.get(@markup, :allow_tables)

  if @allow_tables do
    Meta.allow_tag_with_these_attributes("table", [])
    Meta.allow_tag_with_these_attributes("tbody", [])
    Meta.allow_tag_with_these_attributes("td", [])
    Meta.allow_tag_with_these_attributes("th", [])
    Meta.allow_tag_with_these_attributes("thead", [])
    Meta.allow_tag_with_these_attributes("tr", [])
  end

  @allow_headings Keyword.get(@markup, :allow_headings)

  if @allow_headings do
    Meta.allow_tag_with_these_attributes("h1", [])
    Meta.allow_tag_with_these_attributes("h2", [])
    Meta.allow_tag_with_these_attributes("h3", [])
    Meta.allow_tag_with_these_attributes("h4", [])
    Meta.allow_tag_with_these_attributes("h5", [])
  end

  @allow_fonts Keyword.get(@markup, :allow_fonts)

  if @allow_fonts do
    Meta.allow_tag_with_these_attributes("font", ["face"])
  end

  Meta.strip_everything_not_covered()
end
196
197
198
199
200

defmodule Pleroma.HTML.Transform.MediaProxy do
  @moduledoc "Transforms inline image URIs to use MediaProxy."

  alias Pleroma.Web.MediaProxy
201
202
203
204
205

  def version do
    0
  end

206
207
208
209
210
211
212
213
214
215
  def before_scrub(html), do: html

  def scrub_attribute("img", {"src", "http" <> target}) do
    media_url =
      ("http" <> target)
      |> MediaProxy.url()

    {"src", media_url}
  end

Maksim's avatar
Maksim committed
216
  def scrub_attribute(_tag, attribute), do: attribute
217
218
219
220
221
222
223
224
225
226

  def scrub({"img", attributes, children}) do
    attributes =
      attributes
      |> Enum.map(fn attr -> scrub_attribute("img", attr) end)
      |> Enum.reject(&is_nil(&1))

    {"img", attributes, children}
  end

Maksim's avatar
Maksim committed
227
  def scrub({:comment, _children}), do: ""
228

229
  def scrub({tag, attributes, children}), do: {tag, attributes, children}
Maksim's avatar
Maksim committed
230
  def scrub({_tag, children}), do: children
231
232
  def scrub(text), do: text
end