Fix glitch-soc marking every link in toots as a tag

author Thibaut Girka <thib@sitedethib.com>

Sun, 22 Mar 2020 15:59:29 +0000 (16:59 +0100)

committer ThibG <thib@sitedethib.com>

Tue, 24 Mar 2020 11:07:47 +0000 (12:07 +0100)
author Thibaut Girka <thib@sitedethib.com>
Sun, 22 Mar 2020 15:59:29 +0000 (16:59 +0100)
committer ThibG <thib@sitedethib.com>
Tue, 24 Mar 2020 11:07:47 +0000 (12:07 +0100)
diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb

index fcc99d0095baf273fb2c770ac72d434449492e43..b7a0286d2d602bbbcdfe1e9e4e51c8d29cb5d3bf 100644 (file)
--- a/app/lib/formatter.rb
+++ b/app/lib/formatter.rb
@@ -131,7 +131,7 @@ class Formatter
    end
  
    def link_url(url)
-    "<a href=\"#{encode(url)}\" target=\"blank\" rel=\"nofollow noopener\">#{link_html(url)}</a>"
+    "<a href=\"#{encode(url)}\" target=\"blank\" rel=\"nofollow noopener noreferrer\">#{link_html(url)}</a>"
    end
  
    private
diff --git a/app/lib/sanitize_config.rb b/app/lib/sanitize_config.rb

index e3fc94ba637a7600c4d315f3c5d4c9587ccf7534..8bbcca4ce5c69ba8c3e3ef57bf00e9732762feba 100644 (file)
--- a/app/lib/sanitize_config.rb
+++ b/app/lib/sanitize_config.rb
@@ -54,6 +54,15 @@ class Sanitize
        end
      end
  
+    LINK_REL_TRANSFORMER = lambda do |env|
+      return unless env[:node_name] == 'a'
+
+      node = env[:node]
+
+      rel = (node['rel'] || '').split(' ') & ['tag']
+      node['rel'] = (['nofollow', 'noopener', 'noreferrer'] + rel).join(' ')
+    end
+
      UNSUPPORTED_HREF_TRANSFORMER = lambda do |env|
        return unless env[:node_name] == 'a'
  
@@ -82,7 +91,6 @@ class Sanitize
  
        add_attributes: {
          'a' => {
-          'rel' => 'nofollow noopener tag noreferrer',
            'target' => '_blank',
          },
        },
@@ -95,6 +103,7 @@ class Sanitize
        transformers: [
          CLASS_WHITELIST_TRANSFORMER,
          IMG_TAG_TRANSFORMER,
+        LINK_REL_TRANSFORMER,
          UNSUPPORTED_HREF_TRANSFORMER,
        ]
      )
diff --git a/spec/lib/sanitize_config_spec.rb b/spec/lib/sanitize_config_spec.rb

index 50558a0d81605416b24a617effb7edd47b2dd6b0..2d82c00eaf2076714a04747673c9acec09c6a789 100644 (file)
--- a/spec/lib/sanitize_config_spec.rb
+++ b/spec/lib/sanitize_config_spec.rb
@@ -28,7 +28,11 @@ describe Sanitize::Config do
      end
  
      it 'keeps a with href' do
-      expect(Sanitize.fragment('<a href="http://example.com">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener tag noreferrer" target="_blank">Test</a>'
+      expect(Sanitize.fragment('<a href="http://example.com">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener noreferrer" target="_blank">Test</a>'
+    end
+
+    it 'keeps a with href and rel tag' do
+      expect(Sanitize.fragment('<a href="http://example.com" rel="tag">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener noreferrer tag" target="_blank">Test</a>'
      end
    end
  end
author	Thibaut Girka <thib@sitedethib.com>
	Sun, 22 Mar 2020 15:59:29 +0000 (16:59 +0100)
committer	ThibG <thib@sitedethib.com>
	Tue, 24 Mar 2020 11:07:47 +0000 (12:07 +0100)
app/lib/formatter.rb		patch \| blob \| history
app/lib/sanitize_config.rb		patch \| blob \| history
spec/lib/sanitize_config_spec.rb		patch \| blob \| history