asonix/mastodon
1
1
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity
7455 commits 36 branches 245 tags 214 MiB
Commit graph

9 commits

Author SHA1 Message Date
ThibG 6c4a196b53 Fix sanitizing lists contents (#11354) 
* Add test

* Fix code for sanitizing nested lists stripping all tags
 2019-08-09 21:33:18 +02:00
Eugen Rochko 103a9f4466
Fix sanitizer making block level elements unreadable (#10836) 
Fix #10834
 2019-06-16 21:46:36 +02:00
Eugen Rochko 8f64b17d98 Whitelist dat/ipfs/gopher links in sanitizer (#8034) 
Fix #7994
 2018-07-16 22:17:43 +09:00
puckipedia 545095b3ce [!] Sanitize incoming classlist properly (#6162) 
* Sanitize classlist properly

* Actually properly sanitize every class after the first

* Improve Formatter spec to check for multiple classes and non-space whitespace
 2018-01-03 03:54:08 +01:00
nightpool 94d0e012de Whitelist allowed classes for federated statuses (#3810) 
* Whitelist allowed classes for federated statuses

Allowed classes are currently:

 - Any microformats class (h/p/u/dt/e-*)
 - the classes mention, hashtag, ellipses and invisible.

this last one is somewhat suspect, but Mastodon currently uses it to render hidden link text.

resolved #3790

* Fix code style
 2017-06-17 20:26:05 +02:00
unarist 6bd6dcf6df Allow "class" attribute on the "a" tag in sanitization (#3623) 
This preserves `<a ... class="u-url mention">` from other Mastodon instances.
 2017-06-07 15:57:30 +02:00
Eugen Rochko 58bcd50f7f Fix #1426 - Trim long usernames in public follower/following lists (#2993) 
Fix #2221 - Catch OpenSSL exceptions when loading remote avatars/headers/attachments
Don't strip "rel" attribute from <a> tags when sanitizing (microformats)
 2017-05-11 23:14:00 +02:00
Yamagishi Kazutoshi 4a5f73c8ae Add target=_blank to user note (#2622) 
* Add target=_blank to user note

Open new window when click link from user profile in remote instance.

* fix rubocop
 2017-04-30 00:28:41 +02:00
Eugen Rochko 88725d6ce8 OEmbed support for PreviewCard (#2337) 
* OEmbed support for PreviewCard

* Improve ProviderDiscovery code failure treatment

* Do not crawl links if there is a content warning, since those
don't display a link card anyway

* Reset db schema

* Fresh migrate

* Fix rubocop style issues
Fix #1681 - return existing access token when applicable instead of creating new

* Fix test

* Extract http client to helper

* Improve oembed controller
 2017-04-27 14:42:22 +02:00