code.gitea.io/gitea@v1.22.3/modules/markup/sanitizer_description.go (about)

     1  // Copyright 2024 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package markup
     5  
     6  import (
     7  	"regexp"
     8  
     9  	"github.com/microcosm-cc/bluemonday"
    10  )
    11  
// createRepoDescriptionPolicy builds the allow-list policy used for repository
// descriptions. It starts from an empty bluemonday policy, so only the
// elements and attributes explicitly allowed below survive sanitization:
// inline emphasis, inline code, links and emoji markup.
func (st *Sanitizer) createRepoDescriptionPolicy() *bluemonday.Policy {
	p := bluemonday.NewPolicy()

	// URL-bearing attributes are held to bluemonday's "standard URL" rules
	// (see AllowStandardURLs in the bluemonday documentation).
	p.AllowStandardURLs()

	// Inline formatting only: italics, bold and code spans.
	p.AllowElements("i", "b", "em", "strong", "code")

	// Links. The href value is subject to the URL rules above.
	// NOTE(review): target and rel are accepted without a Matching pattern,
	// and this policy does not call RequireNoReferrerOnLinks. Confirm that
	// whatever produces target="_blank" links also enforces noopener/noreferrer.
	p.AllowAttrs("href", "target", "rel").OnElements("a")

	// Emoji markup: the class attribute is kept only when it is exactly
	// "emoji", so arbitrary class names cannot be attached to these elements.
	emojiClass := regexp.MustCompile(`^emoji$`)
	p.AllowAttrs("class").Matching(emojiClass).OnElements("img", "span")
	p.AllowAttrs("aria-label").OnElements("span")

	return p
}
    33  
// SanitizeDescription passes s, the HTML generated for a repository
// description, through the default sanitizer's description policy and returns
// the sanitized markup.
func SanitizeDescription(s string) string {
	sanitizer := GetDefaultSanitizer()
	return sanitizer.descriptionPolicy.Sanitize(s)
}