Commit 4854cfef authored by Douwe Maan's avatar Douwe Maan

Merge branch 'pravi/gitlab-ce-update-html-pipeline' into 'master'

update html-pipeline 2.7.1 -> 2.8

Closes #48571

See merge request gitlab-org/gitlab-ce!20348
parents 8678cf9b d699362a
...@@ -132,7 +132,7 @@ gem 'unf', '~> 0.1.4' ...@@ -132,7 +132,7 @@ gem 'unf', '~> 0.1.4'
gem 'seed-fu', '~> 2.3.7' gem 'seed-fu', '~> 2.3.7'
# Markdown and HTML processing # Markdown and HTML processing
gem 'html-pipeline', '~> 2.7.1' gem 'html-pipeline', '~> 2.8'
gem 'deckar01-task_list', '2.0.0' gem 'deckar01-task_list', '2.0.0'
gem 'gitlab-markup', '~> 1.6.4' gem 'gitlab-markup', '~> 1.6.4'
gem 'redcarpet', '~> 3.4' gem 'redcarpet', '~> 3.4'
......
...@@ -394,7 +394,7 @@ GEM ...@@ -394,7 +394,7 @@ GEM
hipchat (1.5.2) hipchat (1.5.2)
httparty httparty
mimemagic mimemagic
html-pipeline (2.7.1) html-pipeline (2.8.3)
activesupport (>= 2) activesupport (>= 2)
nokogiri (>= 1.4) nokogiri (>= 1.4)
html2text (0.2.0) html2text (0.2.0)
...@@ -1061,7 +1061,7 @@ DEPENDENCIES ...@@ -1061,7 +1061,7 @@ DEPENDENCIES
hashie-forbidden_attributes hashie-forbidden_attributes
health_check (~> 2.6.0) health_check (~> 2.6.0)
hipchat (~> 1.5.0) hipchat (~> 1.5.0)
html-pipeline (~> 2.7.1) html-pipeline (~> 2.8)
html2text html2text
httparty (~> 0.13.3) httparty (~> 0.13.3)
icalendar icalendar
......
...@@ -397,7 +397,7 @@ GEM ...@@ -397,7 +397,7 @@ GEM
hipchat (1.5.2) hipchat (1.5.2)
httparty httparty
mimemagic mimemagic
html-pipeline (2.7.1) html-pipeline (2.8.3)
activesupport (>= 2) activesupport (>= 2)
nokogiri (>= 1.4) nokogiri (>= 1.4)
html2text (0.2.0) html2text (0.2.0)
...@@ -1071,7 +1071,7 @@ DEPENDENCIES ...@@ -1071,7 +1071,7 @@ DEPENDENCIES
hashie-forbidden_attributes hashie-forbidden_attributes
health_check (~> 2.6.0) health_check (~> 2.6.0)
hipchat (~> 1.5.0) hipchat (~> 1.5.0)
html-pipeline (~> 2.7.1) html-pipeline (~> 2.8)
html2text html2text
httparty (~> 0.13.3) httparty (~> 0.13.3)
icalendar icalendar
......
...@@ -4,27 +4,20 @@ module Banzai ...@@ -4,27 +4,20 @@ module Banzai
# #
# Extends HTML::Pipeline::SanitizationFilter with a custom whitelist. # Extends HTML::Pipeline::SanitizationFilter with a custom whitelist.
class SanitizationFilter < HTML::Pipeline::SanitizationFilter class SanitizationFilter < HTML::Pipeline::SanitizationFilter
include Gitlab::Utils::StrongMemoize
UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze
TABLE_ALIGNMENT_PATTERN = /text-align: (?<alignment>center|left|right)/ TABLE_ALIGNMENT_PATTERN = /text-align: (?<alignment>center|left|right)/
def whitelist def whitelist
whitelist = super strong_memoize(:whitelist) do
customize_whitelist(super.dup)
customize_whitelist(whitelist) end
whitelist
end end
private private
def customized?(transformers)
transformers.last.source_location[0] == __FILE__
end
def customize_whitelist(whitelist) def customize_whitelist(whitelist)
# Only push these customizations once
return if customized?(whitelist[:transformers])
# Allow table alignment; we whitelist specific text-align values in a # Allow table alignment; we whitelist specific text-align values in a
# transformer below # transformer below
whitelist[:attributes]['th'] = %w(style) whitelist[:attributes]['th'] = %w(style)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment