You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.1 KiB
43 lines
1.1 KiB
const { markdown } = require('syzoj-renderer'); |
|
const XSS = require('xss'); |
|
const CSSFilter = require('cssfilter'); |
|
const xssWhiteList = Object.assign({}, require('xss/lib/default').whiteList); |
|
|
|
delete xssWhiteList.audio; |
|
delete xssWhiteList.video; |
|
|
|
for (const tag in xssWhiteList) { |
|
xssWhiteList[tag] = xssWhiteList[tag].concat(['style', 'class']); |
|
} |
|
|
|
const xss = new XSS.FilterXSS({ |
|
whiteList: xssWhiteList, |
|
stripIgnoreTag: true, |
|
onTagAttr: (tag, name, value, isWhiteAttr) => { |
|
if (tag.toLowerCase() === 'img' && name.toLowerCase() === 'src' && value.startsWith('data:image/')) { |
|
return name + '="' + XSS.escapeAttrValue(value) + '"'; |
|
} |
|
} |
|
}); |
|
|
|
const defaultCache = { |
|
data: {}, |
|
get(key) { |
|
return this.data[key]; |
|
}, |
|
set(key, val) { |
|
this.data[key] = val; |
|
} |
|
}; |
|
|
|
function filter(html) { |
|
html = xss.process(html); |
|
if (html) { |
|
html = `<div style="position: relative; overflow: hidden; ">${html}</div>`; |
|
} |
|
return html; |
|
}; |
|
|
|
module.exports = (markdownCode, callback) => { |
|
markdown(markdownCode, defaultCache, filter).then(callback); |
|
};
|
|
|