html.ex 6.86 KB
Newer Older
1
# Pleroma: A lightweight social networking server
kaniini's avatar
kaniini committed
2
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

5
6
7
defmodule Pleroma.HTML do
  alias HtmlSanitizeEx.Scrubber

Rin Toshaka's avatar
Rin Toshaka committed
8
9
10
11
  defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
  defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
  defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]

12
  def get_scrubbers do
Rin Toshaka's avatar
Rin Toshaka committed
13
14
15
16
17
    Pleroma.Config.get([:markup, :scrub_policy])
    |> get_scrubbers
  end

  def filter_tags(html, nil) do
18
19
20
21
22
    filter_tags(html, get_scrubbers())
  end

  def filter_tags(html, scrubbers) when is_list(scrubbers) do
    Enum.reduce(scrubbers, html, fn scrubber, html ->
23
24
      filter_tags(html, scrubber)
    end)
25
26
  end

Maksim's avatar
Maksim committed
27
  def filter_tags(html, scrubber), do: Scrubber.scrub(html, scrubber)
28
  def filter_tags(html), do: filter_tags(html, nil)
Maksim's avatar
Maksim committed
29
  def strip_tags(html), do: Scrubber.scrub(html, Scrubber.StripTags)
30

31
32
  def get_cached_scrubbed_html_for_object(content, scrubbers, object, module) do
    key = "#{module}#{generate_scrubber_signature(scrubbers)}|#{object.id}"
33
34
35
    Cachex.fetch!(:scrubber_cache, key, fn _key -> ensure_scrubbed_html(content, scrubbers) end)
  end

36
  def get_cached_stripped_html_for_object(content, object, module) do
Rin Toshaka's avatar
oopsies    
Rin Toshaka committed
37
38
39
40
41
42
    get_cached_scrubbed_html_for_object(
      content,
      HtmlSanitizeEx.Scrubber.StripTags,
      object,
      module
    )
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
  end

  def ensure_scrubbed_html(
        content,
        scrubbers
      ) do
    {:commit, filter_tags(content, scrubbers)}
  end

  defp generate_scrubber_signature(scrubber) when is_atom(scrubber) do
    generate_scrubber_signature([scrubber])
  end

  defp generate_scrubber_signature(scrubbers) do
    Enum.reduce(scrubbers, "", fn scrubber, signature ->
58
      "#{signature}#{to_string(scrubber)}"
59
60
    end)
  end
61

62
63
  def extract_first_external_url(_, nil), do: {:error, "No content"}

64
65
66
67
68
69
70
71
72
73
  def extract_first_external_url(object, content) do
    key = "URL|#{object.id}"

    Cachex.fetch!(:scrubber_cache, key, fn _key ->
      result =
        content
        |> Floki.filter_out("a.mention")
        |> Floki.attribute("a", "href")
        |> Enum.at(0)

74
      {:commit, {:ok, result}}
75
76
    end)
  end
77
end
78
79
80
81
82
83
84

defmodule Pleroma.HTML.Scrubber.TwitterText do
  @moduledoc """
  An HTML scrubbing policy which limits to twitter-style text.  Only
  paragraphs, breaks and links are allowed through the filter.
  """

85
  @markup Application.get_env(:pleroma, :markup)
Haelwenn's avatar
Stash    
Haelwenn committed
86
  @valid_schemes Pleroma.Config.get([:uri_schemes, :valid_schemes], [])
87

88
89
  require HtmlSanitizeEx.Scrubber.Meta
  alias HtmlSanitizeEx.Scrubber.Meta
90

91
92
93
94
  Meta.remove_cdata_sections_before_scrub()
  Meta.strip_comments()

  # links
ValD's avatar
ValD committed
95
  Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
96
  Meta.allow_tag_with_these_attributes("a", ["name", "title", "class"])
97
98
99
100
101
102

  # paragraphs and linebreaks
  Meta.allow_tag_with_these_attributes("br", [])
  Meta.allow_tag_with_these_attributes("p", [])

  # microformats
103
  Meta.allow_tag_with_these_attributes("span", ["class"])
104
105
106
107
108

  # allow inline images for custom emoji
  @allow_inline_images Keyword.get(@markup, :allow_inline_images)

  if @allow_inline_images do
109
110
    # restrict img tags to http/https only, because of MediaProxy.
    Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
111
112
113
114
115
116
117
118

    Meta.allow_tag_with_these_attributes("img", [
      "width",
      "height",
      "title",
      "alt"
    ])
  end
119
120

  Meta.strip_everything_not_covered()
121
122
123
124
125
126
127
end

defmodule Pleroma.HTML.Scrubber.Default do
  @doc "The default HTML scrubbing policy: no "

  require HtmlSanitizeEx.Scrubber.Meta
  alias HtmlSanitizeEx.Scrubber.Meta
Haelwenn's avatar
Haelwenn committed
128
129
  # credo:disable-for-previous-line
  # No idea how to fix this one…
130

131
  @markup Application.get_env(:pleroma, :markup)
Haelwenn's avatar
Stash    
Haelwenn committed
132
  @valid_schemes Pleroma.Config.get([:uri_schemes, :valid_schemes], [])
133

134
135
136
  Meta.remove_cdata_sections_before_scrub()
  Meta.strip_comments()

ValD's avatar
ValD committed
137
  Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
138
  Meta.allow_tag_with_these_attributes("a", ["name", "title", "class"])
139

scarlett's avatar
scarlett committed
140
141
  Meta.allow_tag_with_these_attributes("abbr", ["title"])

142
143
144
145
146
147
148
149
150
151
152
  Meta.allow_tag_with_these_attributes("b", [])
  Meta.allow_tag_with_these_attributes("blockquote", [])
  Meta.allow_tag_with_these_attributes("br", [])
  Meta.allow_tag_with_these_attributes("code", [])
  Meta.allow_tag_with_these_attributes("del", [])
  Meta.allow_tag_with_these_attributes("em", [])
  Meta.allow_tag_with_these_attributes("i", [])
  Meta.allow_tag_with_these_attributes("li", [])
  Meta.allow_tag_with_these_attributes("ol", [])
  Meta.allow_tag_with_these_attributes("p", [])
  Meta.allow_tag_with_these_attributes("pre", [])
153
  Meta.allow_tag_with_these_attributes("span", ["class"])
154
155
156
157
158
159
160
  Meta.allow_tag_with_these_attributes("strong", [])
  Meta.allow_tag_with_these_attributes("u", [])
  Meta.allow_tag_with_these_attributes("ul", [])

  @allow_inline_images Keyword.get(@markup, :allow_inline_images)

  if @allow_inline_images do
161
162
    # restrict img tags to http/https only, because of MediaProxy.
    Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200

    Meta.allow_tag_with_these_attributes("img", [
      "width",
      "height",
      "title",
      "alt"
    ])
  end

  @allow_tables Keyword.get(@markup, :allow_tables)

  if @allow_tables do
    Meta.allow_tag_with_these_attributes("table", [])
    Meta.allow_tag_with_these_attributes("tbody", [])
    Meta.allow_tag_with_these_attributes("td", [])
    Meta.allow_tag_with_these_attributes("th", [])
    Meta.allow_tag_with_these_attributes("thead", [])
    Meta.allow_tag_with_these_attributes("tr", [])
  end

  @allow_headings Keyword.get(@markup, :allow_headings)

  if @allow_headings do
    Meta.allow_tag_with_these_attributes("h1", [])
    Meta.allow_tag_with_these_attributes("h2", [])
    Meta.allow_tag_with_these_attributes("h3", [])
    Meta.allow_tag_with_these_attributes("h4", [])
    Meta.allow_tag_with_these_attributes("h5", [])
  end

  @allow_fonts Keyword.get(@markup, :allow_fonts)

  if @allow_fonts do
    Meta.allow_tag_with_these_attributes("font", ["face"])
  end

  Meta.strip_everything_not_covered()
end
201
202
203
204
205

defmodule Pleroma.HTML.Transform.MediaProxy do
  @moduledoc "Transforms inline image URIs to use MediaProxy."

  alias Pleroma.Web.MediaProxy
206

207
208
209
210
211
212
213
214
215
216
  def before_scrub(html), do: html

  def scrub_attribute("img", {"src", "http" <> target}) do
    media_url =
      ("http" <> target)
      |> MediaProxy.url()

    {"src", media_url}
  end

Maksim's avatar
Maksim committed
217
  def scrub_attribute(_tag, attribute), do: attribute
218
219
220
221
222
223
224
225
226
227

  def scrub({"img", attributes, children}) do
    attributes =
      attributes
      |> Enum.map(fn attr -> scrub_attribute("img", attr) end)
      |> Enum.reject(&is_nil(&1))

    {"img", attributes, children}
  end

Maksim's avatar
Maksim committed
228
  def scrub({:comment, _children}), do: ""
229

230
  def scrub({tag, attributes, children}), do: {tag, attributes, children}
Maksim's avatar
Maksim committed
231
  def scrub({_tag, children}), do: children
232
233
  def scrub(text), do: text
end