-
-
Notifications
You must be signed in to change notification settings - Fork 38
/
sanitizer.go
113 lines (108 loc) · 1.7 KB
/
sanitizer.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
package renderer
import (
"regexp"
"strings"
"github.com/microcosm-cc/bluemonday"
)
var (
htmlSanitizer = bluemonday.UGCPolicy().
// allow element alignment
AllowAttrs("align").Globally().
// allow element width
AllowAttrs("width").Globally().
// allow language class on code blocks (used for mermaid.js diagrams)
AllowAttrs("class").Matching(regexp.MustCompile(`^language-(.*)$`)).OnElements("code").
// allow chroma class on pre (used for syntax highlighting)
AllowAttrs("class").Matching(regexp.MustCompile(`chroma$`)).OnElements("pre").
// allow chroma classes on span elements (used for syntax highlighting)
AllowAttrs("class").Matching(chromaSpanClassRegex).OnElements("span")
// ChromaSpanClassRegex is a regex that matches all the elements that can are rendered by chroma
chromaSpanClassRegex = regexp.MustCompile(`^(` + strings.Join(chromaSpanClasses, "|") + `)$`)
// ChromaSpanClasses is a list of all the elements that can are rendered by chrome
// see web/static/css/chroma.css for styling
chromaSpanClasses = []string{
"x",
"err",
"cl",
"lnlinks",
"lntd",
"lntable",
"hl",
"ln",
"line",
"k",
"kc",
"kd",
"kn",
"kp",
"kr",
"kt",
"n",
"na",
"nb",
"bp",
"nc",
"no",
"nd",
"ni",
"ne",
"nf",
"fm",
"nl",
"nn",
"nx",
"py",
"nt",
"nv",
"vc",
"vg",
"vi",
"vm",
"l",
"ld",
"s",
"sa",
"sb",
"sc",
"dl",
"sd",
"s2",
"se",
"sh",
"si",
"sx",
"sr",
"s1",
"ss",
"m",
"mb",
"mf",
"mh",
"mi",
"il",
"mo",
"o",
"ow",
"p",
"c",
"ch",
"cm",
"c1",
"cs",
"cp",
"cpf",
"g",
"gd",
"ge",
"gr",
"gh",
"gi",
"go",
"gp",
"gs",
"gu",
"gt",
"gl",
"w",
}
)