-
Notifications
You must be signed in to change notification settings - Fork 100
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds
sanitize_html
, a whitelist based HTML sanitizer. (#171)
- Loading branch information
Showing
5 changed files
with
229 additions
and
0 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
/* | ||
* Takes in a string and json_encode()"d lists to produce a sanitized string. | ||
* This function operates on whitelists, there is currently no way to blacklist. | ||
* Args: | ||
* * text: the string to sanitize. | ||
* * attribute_whitelist_json: a json_encode()'d list of HTML attributes to allow in the final string. | ||
* * tag_whitelist_json: a json_encode()'d list of HTML tags to allow in the final string. | ||
*/ | ||
#define rustg_sanitize_html(text, attribute_whitelist_json, tag_whitelist_json) RUSTG_CALL(RUST_G, "sanitize_html")(text, attribute_whitelist_json, tag_whitelist_json) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
use crate::error::Result; | ||
use std::collections::HashSet; | ||
|
||
byond_fn!(fn sanitize_html(text, attribute_whitelist_json, tag_whitelist_json) { | ||
match seriously_sanitize_html(text, attribute_whitelist_json, tag_whitelist_json) { | ||
Ok(r) => return Some(r), | ||
Err(e) => return Some(e.to_string()) | ||
} | ||
}); | ||
|
||
fn seriously_sanitize_html( | ||
text: &str, | ||
attribute_whitelist_json: &str, | ||
tag_whitelist_json: &str, | ||
) -> Result<String> { | ||
let attribute_whitelist: HashSet<&str> = serde_json::from_str(attribute_whitelist_json)?; | ||
let tag_whitelist: HashSet<&str> = serde_json::from_str(tag_whitelist_json)?; | ||
|
||
let mut prune_url_schemes = ammonia::Builder::default().clone_url_schemes(); | ||
prune_url_schemes.insert("byond"); | ||
|
||
let sanitized = ammonia::Builder::empty() | ||
.clean_content_tags(HashSet::from_iter(["script", "style"])) // Completely forbid script and style attributes. | ||
.link_rel(Some("noopener")) // https://mathiasbynens.github.io/rel-noopener/ | ||
.url_schemes(prune_url_schemes) | ||
.generic_attributes(attribute_whitelist) | ||
.tags(tag_whitelist) | ||
.clean(text) | ||
.to_string(); | ||
|
||
Ok(sanitized) | ||
} |