Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
ylproj
/
jupyterlab
2
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: 4fe9c9b4f4
Ramos Etiquetas
jupyterlab
/
packages
/
apputils
/
src
/
sanitizer.ts

sanitizer.ts 1.5 KB
Histórico Em bruto

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. // Copyright (c) Jupyter Development Team.
    2. 

  2. // Distributed under the terms of the Modified BSD License.
    3. 

  3. import * as sanitize from 'sanitize-html';
    4. 

  4. 

  5. 

  6. export
    7. 

  7. interface ISanitizer {
    8. 

  8.   /**
    9. 

  9.    * Sanitize an HTML string.
    10. 

  10.    */
    11. 

  11.   sanitize(dirty: string): string;
    12. 

  12. }
    13. 

  13. 

  14. 

  15. /**
    16. 

  16.  * A class to sanitize HTML strings.
    17. 

  17.  */
    18. 

  18. class Sanitizer implements ISanitizer {
    19. 

  19.   /**
    20. 

  20.    * Sanitize an HTML string.
    21. 

  21.    */
    22. 

  22.   sanitize(dirty: string): string {
    23. 

  23.     return sanitize(dirty, this._options);
    24. 

  24.   }
    25. 

  25. 

  26.   private _options: sanitize.IOptions = {
    27. 

  27.     allowedTags: sanitize.defaults.allowedTags
    28. 

  28.       .concat('h1', 'h2', 'img', 'span', 'audio', 'video'),
    29. 

  29.     allowedAttributes: {
    30. 

  30.       // Allow the "rel" attribute for <a> tags.
    31. 

  31.       'a': sanitize.defaults.allowedAttributes['a'].concat('rel'),
    32. 

  32.       // Allow the "src" attribute for <img> tags.
    33. 

  33.       'img': ['src', 'height', 'width', 'alt'],
    34. 

  34.       // Allow "class" attribute for <code> tags.
    35. 

  35.       'code': ['class'],
    36. 

  36.       // Allow "class" attribute for <span> tags.
    37. 

  37.       'span': ['class'],
    38. 

  38.       // Allow the "src" attribute for <audio> tags.
    39. 

  39.       'audio': ['src', 'autoplay', 'loop', 'muted', 'controls'],
    40. 

  40.       // Allow the "src" attribute for <video> tags.
    41. 

  41.       'video': ['src', 'height', 'width', 'autoplay',
    42. 

  42.                 'loop', 'muted', 'controls']
    43. 

  43.     },
    44. 

  44.     transformTags: {
    45. 

  45.       // Set the "rel" attribute for <a> tags to "nofollow".
    46. 

  46.       'a': sanitize.simpleTransform('a', { 'rel': 'nofollow' })
    47. 

  47.     }
    48. 

  48.   };
    49. 

  49. }
    50. 

  50. 

  51. 

  52. /**
    53. 

  53.  * The default instance of an `ISanitizer` meant for use by user code.
    54. 

  54.  */
    55. 

  55. export
    56. 

  56. const defaultSanitizer: ISanitizer = new Sanitizer();
    57.