self-hosted/joplin
1
0
Fork 0
mirror of https://github.com/laurent22/joplin.git synced 2025-11-23 22:36:32 +02:00
Code Issues Releases Activity

Clipper: Resolves #6247: Clipper unable to pull and store PDFs (#6384)

Browse Source
This commit is contained in:
asrient
2022-06-20 18:26:54 +05:30
committed by GitHub
parent 0c50a5ab9b
commit c0bc4c38c3
7 changed files with 217 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
packages/lib/htmlUtils.ts
View File

@@ -7,6 +7,9 @@ const { escapeHtml } = require('./string-utils.js');
// https://stackoverflow.com/a/16119722/561309
const imageRegex = /<img([\s\S]*?)src=["']([\s\S]*?)["']([\s\S]*?)>/gi;
const anchorRegex = /<a([\s\S]*?)href=["']([\s\S]*?)["']([\s\S]*?)>/gi;
const embedRegex = /<embed([\s\S]*?)src=["']([\s\S]*?)["']([\s\S]*?)>/gi;
const objectRegex = /<object([\s\S]*?)data=["']([\s\S]*?)["']([\s\S]*?)>/gi;
const pdfUrlRegex = /[\s\S]*?\.pdf$/i;
const selfClosingElements = [
'area',
@@ -61,6 +64,11 @@ class HtmlUtils {
return this.extractUrls(imageRegex, html);
}
// Returns the **encoded** URLs, so to be useful they should be decoded again before use.
public extractPdfUrls(html: string) {
return [...this.extractUrls(embedRegex, html), ...this.extractUrls(objectRegex, html)].filter(url => pdfUrlRegex.test(url));
}
// Returns the **encoded** URLs, so to be useful they should be decoded again before use.
public extractAnchorUrls(html: string) {
return this.extractUrls(anchorRegex, html);
@@ -87,6 +95,27 @@ class HtmlUtils {
});
}
public replaceEmbedUrls(html: string, callback: Function) {
if (!html) return '';
// We are adding the link as <a> since joplin disabled <embed>, <object> tags due to security reasons.
// See: CVE-2020-15930
html = html.replace(embedRegex, (_v: string, _before: string, src: string, _after: string) => {
const link = callback(src);
return `<a href="${link}">${escapeHtml(src)}</a>`;
});
html = html.replace(objectRegex, (_v: string, _before: string, src: string, _after: string) => {
const link = callback(src);
return `<a href="${link}">${escapeHtml(src)}</a>`;
});
return html;
}
public replaceMediaUrls(html: string, callback: Function) {
html = this.replaceImageUrls(html, callback);
html = this.replaceEmbedUrls(html, callback);
return html;
}
// Note that the URLs provided by this function are URL-encoded, which is
// usually what you want for web URLs. But if they are file:// URLs and the
// file path is going to be used, it will need to be unescaped first. The