2020-11-05 16:58:23 +00:00
|
|
|
import { RuleOptions } from '../../MdToHtml';
|
2020-11-20 16:04:47 +00:00
|
|
|
import htmlUtils from '../../htmlUtils';
|
2020-10-21 00:23:55 +01:00
|
|
|
|
2020-02-13 23:59:23 +00:00
|
|
|
const md5 = require('md5');
|
|
|
|
|
2020-10-21 00:23:55 +01:00
|
|
|
export default {
|
2024-04-05 12:16:49 +01:00
|
|
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Old code before rule was applied
|
2020-11-12 19:13:28 +00:00
|
|
|
plugin: function(markdownIt: any, ruleOptions: RuleOptions) {
|
2024-04-05 12:16:49 +01:00
|
|
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Old code before rule was applied
|
2020-11-12 19:13:28 +00:00
|
|
|
markdownIt.core.ruler.push('sanitize_html', (state: any) => {
|
2020-10-21 00:23:55 +01:00
|
|
|
const tokens = state.tokens;
|
|
|
|
|
2024-04-05 12:16:49 +01:00
|
|
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Old code before rule was applied
|
2020-11-12 19:13:28 +00:00
|
|
|
const walkHtmlTokens = (tokens: any[]) => {
|
2020-10-21 00:23:55 +01:00
|
|
|
if (!tokens || !tokens.length) return;
|
|
|
|
|
|
|
|
for (const token of tokens) {
|
|
|
|
if (!['html_block', 'html_inline'].includes(token.type)) {
|
|
|
|
walkHtmlTokens(token.children);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
const cacheKey = md5(escape(token.content));
|
|
|
|
let sanitizedContent = ruleOptions.context.cache.value(cacheKey);
|
|
|
|
|
|
|
|
// For html_inline, the content is only a fragment of HTML, as it will be rendered, but
|
|
|
|
// it's not necessarily valid HTML. For example this HTML:
|
|
|
|
//
|
|
|
|
// <a href="#">Testing</a>
|
|
|
|
//
|
|
|
|
// will be rendered as three tokens:
|
|
|
|
//
|
|
|
|
// html_inline: <a href="#">
|
|
|
|
// text: Testing
|
|
|
|
// html_inline: </a>
|
|
|
|
//
|
|
|
|
// So the sanitizeHtml function must handle this kind of non-valid HTML.
|
|
|
|
|
|
|
|
if (!sanitizedContent) {
|
2023-12-06 11:17:16 -08:00
|
|
|
sanitizedContent = htmlUtils.sanitizeHtml(
|
|
|
|
token.content,
|
|
|
|
{
|
|
|
|
addNoMdConvClass: true,
|
|
|
|
allowedFilePrefixes: ruleOptions.allowedFilePrefixes,
|
|
|
|
},
|
|
|
|
);
|
2020-10-21 00:23:55 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
token.content = sanitizedContent;
|
|
|
|
|
|
|
|
ruleOptions.context.cache.setValue(cacheKey, sanitizedContent, 1000 * 60 * 60);
|
2020-02-13 23:59:23 +00:00
|
|
|
walkHtmlTokens(token.children);
|
|
|
|
}
|
2020-10-21 00:23:55 +01:00
|
|
|
};
|
2020-02-13 23:59:23 +00:00
|
|
|
|
2020-10-21 00:23:55 +01:00
|
|
|
walkHtmlTokens(tokens);
|
|
|
|
});
|
|
|
|
},
|
|
|
|
};
|