Dereku/snappymail
1
0
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2026-06-26 16:26:44 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Squire sanitizeToDOMFragment use cleanHTML

Browse source
This commit is contained in:
the-djmaze 2024-09-30 17:01:50 +02:00
parent beb418080f
commit f43c2c92b5
2 changed files with 9 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

11
dev/Common/Html.js
View file

@ -23,7 +23,7 @@ const
// Structural Elements: // Structural Elements:
'blockquote','br','div','figcaption','figure','h1','h2','h3','h4','h5','h6','hgroup','hr','p','wbr', 'blockquote','br','div','figcaption','figure','h1','h2','h3','h4','h5','h6','hgroup','hr','p','wbr',
'article','aside','header','footer','main','section', 'article','aside','header','footer','main','section',
'details','summary', 'details','summary','nav',
// List Elements // List Elements
'dd','dl','dt','li','ol','ul', 'dd','dl','dt','li','ol','ul',
// Text Formatting Elements // Text Formatting Elements
@ -282,6 +282,8 @@ export const
'abbr', 'scope', 'abbr', 'scope',
// td // td
'colspan', 'rowspan', 'headers' 'colspan', 'rowspan', 'headers'
// others
//'class', 'id', 'target'
]; ];
if (SettingsUserStore.allowStyles()) { if (SettingsUserStore.allowStyles()) {
@ -332,7 +334,7 @@ export const
tmpl.content.querySelectorAll(keepTagContent).forEach(oElement => replaceWithChildren(oElement)); tmpl.content.querySelectorAll(keepTagContent).forEach(oElement => replaceWithChildren(oElement));
tmpl.content.querySelectorAll( tmpl.content.querySelectorAll(
':not('+allowedTags+')' ':not('+allowedTags+'),a:empty,span:empty'
+ (0 < bqLevel ? ',' + (new Array(1 + bqLevel).fill('blockquote').join(' ')) : '') + (0 < bqLevel ? ',' + (new Array(1 + bqLevel).fill('blockquote').join(' ')) : '')
).forEach(oElement => oElement.remove()); ).forEach(oElement => oElement.remove());
/* // Is this slower or faster? /* // Is this slower or faster?
@ -356,7 +358,7 @@ export const
}); });
*/ */
[...tmpl.content.querySelectorAll('*')].forEach(oElement => { msgId && [...tmpl.content.querySelectorAll('*')].forEach(oElement => {
const name = oElement.tagName, const name = oElement.tagName,
oStyle = oElement.style; oStyle = oElement.style;
@ -631,7 +633,7 @@ export const
} }
}); });
blockquoteSwitcher(); msgId && blockquoteSwitcher();
// return tmpl.content.firstChild; // return tmpl.content.firstChild;
result.html = tmpl.innerHTML.trim(); result.html = tmpl.innerHTML.trim();
@ -819,6 +821,7 @@ export const
}; };
rl.Utils = { rl.Utils = {
cleanHtml: cleanHtml,
htmlToPlain: htmlToPlain, htmlToPlain: htmlToPlain,
plainToHtml: plainToHtml, plainToHtml: plainToHtml,
htmlToMarkdown: htmlToMarkdown htmlToMarkdown: htmlToMarkdown

29
dev/External/SquireUI.js vendored
View file

@ -3,10 +3,6 @@
(doc => { (doc => {
const const
removeElements = 'HEAD,LINK,META,NOSCRIPT,SCRIPT,TEMPLATE,TITLE',
allowedElements = 'A,B,BLOCKQUOTE,BR,DIV,FONT,H1,H2,H3,H4,H5,H6,HR,IMG,LI,OL,P,SPAN,STRONG,TABLE,TD,TH,TR,U,UL',
allowedAttributes = 'abbr,align,background,bgcolor,border,cellpadding,cellspacing,class,color,colspan,dir,face,frame,height,href,hspace,id,lang,rowspan,rules,scope,size,src,style,target,type,usemap,valign,vspace,width'.split(','),
i18n = (str, def) => rl.i18n(str) || def, i18n = (str, def) => rl.i18n(str) || def,
ctrlKey = shortcuts.getMetaKey() + ' + ', ctrlKey = shortcuts.getMetaKey() + ' + ',
@ -21,38 +17,17 @@ const
forEachObjectValue = (obj, fn) => Object.values(obj).forEach(fn), forEachObjectValue = (obj, fn) => Object.values(obj).forEach(fn),
getFragmentOfChildren = parent => {
let frag = doc.createDocumentFragment();
frag.append(...parent.childNodes);
return frag;
},
SquireDefaultConfig = { SquireDefaultConfig = {
/* /*
addLinks: true // allow_smart_html_links addLinks: true // allow_smart_html_links
*/ */
sanitizeToDOMFragment: (html, isPaste/*, squire*/) => { sanitizeToDOMFragment: (html, isPaste/*, squire*/) => {
tpl.innerHTML = (html||'') html = (html||'')
.replace(/<\/?(BODY|HTML)[^>]*>/gi,'') .replace(/<\/?(BODY|HTML)[^>]*>/gi,'')
.replace(/<!--[^>]+-->/g,'') .replace(/<!--[^>]+-->/g,'')
.replace(/<span[^>]*>\s*<\/span>/gi,'') .replace(/<span[^>]*>\s*<\/span>/gi,'')
.trim(); .trim();
tpl.querySelectorAll('a:empty,span:empty').forEach(el => el.remove()); tpl.innerHTML = isPaste ? rl.Utils.cleanHtml(html).html : html;
if (isPaste) {
tpl.querySelectorAll(removeElements).forEach(el => el.remove());
tpl.querySelectorAll('*').forEach(el => {
if (!el.matches(allowedElements)) {
el.replaceWith(getFragmentOfChildren(el));
} else if (el.hasAttributes()) {
[...el.attributes].forEach(attr => {
let name = attr.name.toLowerCase();
if (!allowedAttributes.includes(name)) {
el.removeAttribute(name);
}
});
}
});
}
return tpl.content; return tpl.content;
} }
}; };