Commit aa2406e0 authored by David Eisner's avatar David Eisner Committed by Airat Shigapov

Clean up Banzai HTML for HipChat

The `class` and `data-*` attributes are meaningless in HipChat, and it
would probably be better to limit the tags, too. For example, we could
avoid block-level elements in `render_line`.
parent b434b75f
class HipchatService < Service class HipchatService < Service
include ActionView::Helpers::SanitizeHelper
MAX_COMMITS = 3 MAX_COMMITS = 3
prop_accessor :token, :room, :server, :notify, :color, :api_version prop_accessor :token, :room, :server, :notify, :color, :api_version
...@@ -138,6 +140,7 @@ class HipchatService < Service ...@@ -138,6 +140,7 @@ class HipchatService < Service
html = Banzai.render(text, context) html = Banzai.render(text, context)
html = Banzai.post_process(html, context) html = Banzai.post_process(html, context)
sanitize html, attributes: %w(href title alt)
else else
"" ""
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment