Claire
84a40824ad
Fix sanitizer parsing link text as HTML when stripping unsupported links ( #22558 ) ( #23491 )
2023-02-09 21:02:01 +01:00
Claire
a4dcaef53b
Prepare Mastodon for zeitwerk autoloader ( #15917 )
...
* Prepare Mastodon for zeitwerk autoloader (Rails 6)
Add inflections and rename/move a few classes.
In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.
* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Eugen Rochko
b1349342d2
Fix rendering `<a>` without `href` when scheme unsupported ( #13040 )
...
- Disallow links with relative paths
- Disallow iframes with non-http protocols and relative paths
Close #13037
2020-02-08 21:22:38 +01:00
BSKY
fccf83e1f2
Add noopener and/or noreferrer ( #12202 )
2019-10-24 22:44:42 +02:00
ThibG
fda437a020
Fix sanitizing lists contents ( #11354 )
...
* Add test
* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
Eugen Rochko
103a9f4466
Fix sanitizer making block level elements unreadable ( #10836 )
...
Fix #10834
2019-06-16 21:46:36 +02:00