mirror of
https://github.com/codex-team/editor.js
synced 2024-06-29 02:40:23 +02:00
Merge pull request #185 from codex-team/sanitizer
sanitize improvements
commit
79dfa8cbe7
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -20,8 +20,7 @@
|
|||
<script src="codex-editor.js?v=108"></script>
|
||||
<link rel="stylesheet" href="codex-editor.css?v=11000">
|
||||
|
||||
|
||||
<script src="plugins/paragraph/paragraph.js"></script>
|
||||
<script src="plugins/paragraph/paragraph.js?v=100"></script>
|
||||
<link rel="stylesheet" href="plugins/paragraph/paragraph.css">
|
||||
|
||||
<script src="plugins/header/header.js"></script>
|
||||
|
@ -62,11 +61,6 @@
|
|||
holderId : "codex-editor",
|
||||
initialBlockPlugin : 'paragraph',
|
||||
hideToolbar: false,
|
||||
sanitizer : {
|
||||
tags : {
|
||||
p : {}
|
||||
}
|
||||
},
|
||||
tools : {
|
||||
paragraph: {
|
||||
type: 'paragraph',
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
* @description Module works with editor added Elements
|
||||
*
|
||||
* @author Codex Team
|
||||
* @version 1.3.12
|
||||
* @version 1.4.0
|
||||
*/
|
||||
|
||||
module.exports = (function (callbacks) {
|
||||
|
@ -933,7 +933,6 @@ module.exports = (function (callbacks) {
|
|||
|
||||
/** Temporary DIV that is used to work with childs as arrays item */
|
||||
var div = editor.draw.node('DIV', '', {}),
|
||||
cleaner = new editor.sanitizer.init(),
|
||||
cleanData,
|
||||
fragment;
|
||||
|
||||
|
@ -942,7 +941,7 @@ module.exports = (function (callbacks) {
|
|||
|
||||
if ( htmlData.trim() != '' ) {
|
||||
|
||||
cleanData = cleaner.clean(htmlData);
|
||||
cleanData = editor.sanitizer.clean(htmlData);
|
||||
div.innerHTML = cleanData;
|
||||
|
||||
} else {
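Review bot: `editor.sanitizer.clean(htmlData)` is called here with no per-call config and its result goes straight into `div.innerHTML`, so what reaches the DOM on this path is governed entirely by whichever global sanitizer config is active. That dependency is worth a comment above the assignment, e.g. `// cleanData is inserted as HTML: the active sanitizer config is the only filter on this path`. The enclosing function begins and ends outside the hunk, so how `htmlData` is sourced is not visible here.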
|
||||
|
|
|
@ -48,14 +48,38 @@ module.exports = (function (sanitizer) {
|
|||
|
||||
sanitizer.Config = Config;
|
||||
|
||||
sanitizer.init = function () {
|
||||
/**
|
||||
*
|
||||
* @param userCustomConfig
|
||||
* @returns {*}
|
||||
* @private
|
||||
*
|
||||
* @description If developer uses editor's API, then he can customize sane restrictions.
|
||||
* Or, sane config can be defined globally in editors initialization. That config will be used everywhere
|
||||
* At least, if there is no config overrides, that API uses BASIC Default configation
|
||||
*/
|
||||
let init_ = function (userCustomConfig) {
|
||||
|
||||
let configuration = Config.CUSTOM || Config.BASIC;
|
||||
let configuration = userCustomConfig || Config.CUSTOM || Config.BASIC;
|
||||
|
||||
return new janitor(configuration);
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* Cleans string from unwanted tags
|
||||
* @protected
|
||||
* @param {String} dirtyString - taint string
|
||||
* @param {Object} customConfig - allowed tags
|
||||
*/
|
||||
sanitizer.clean = function(dirtyString, customConfig) {
|
||||
|
||||
let janitorInstance = init_(customConfig);
|
||||
|
||||
return janitorInstance.clean(dirtyString);
|
||||
|
||||
};
|
||||
|
||||
return sanitizer;
|
||||
|
||||
})({});
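Review bot: In `init_`, `userCustomConfig || Config.CUSTOM || Config.BASIC` lets any caller-supplied config replace the globally configured rules outright, so a tool that passes its own tag list can allow markup that the integrator's editor-level sanitizer config was meant to exclude. If the global config is intended as an upper bound, the per-call config should be intersected with it rather than preferred over it. If the override is intentional, the docblock should say so, e.g. `@param {Object} [userCustomConfig] - replaces (does not merge with) Config.CUSTOM / Config.BASIC`. The docblock also leaves `userCustomConfig` untyped, and `sanitizer.clean` has no `@returns {String}`. Where `Config.CUSTOM` is assigned is outside this section, so the precedence concern is inferred from this line alone.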
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "codex.editor",
|
||||
"version": "1.6.2",
|
||||
"version": "1.6.3",
|
||||
"description": "Codex Editor. Native JS, based on API and Open Source",
|
||||
"main": "index.js",
|
||||
"scripts": {
|
||||
|
|
|
@ -80,10 +80,22 @@ var paragraph = (function(paragraph_plugin) {
|
|||
*/
|
||||
paragraph_plugin.save = function (blockContent){
|
||||
|
||||
var wrappedText = codex.editor.content.wrapTextWithParagraphs(blockContent.innerHTML);
|
||||
var wrappedText = codex.editor.content.wrapTextWithParagraphs(blockContent.innerHTML),
|
||||
sanitizerConfig = {
|
||||
tags : {
|
||||
p : {},
|
||||
a: {
|
||||
href: true,
|
||||
target: '_blank',
|
||||
rel: 'nofollow'
|
||||
},
|
||||
i: {},
|
||||
b: {},
|
||||
}
|
||||
};
|
||||
|
||||
var data = {
|
||||
"text": wrappedText,
|
||||
"text": codex.editor.sanitizer.clean(wrappedText, sanitizerConfig),
|
||||
"format": "html",
|
||||
"introText": '<<same>>'
|
||||
};
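Review bot: In the `a` rule of `sanitizerConfig`, `href: true` appears to accept any href value, so the URL scheme of saved links is not constrained by this config. Unless the janitor library filters schemes itself (not shown here), `save` should keep only expected schemes such as http, https and mailto. The rule also pins `rel: 'nofollow'` next to `target: '_blank'`, which leaves out `noopener`; `rel: 'nofollow noopener'` would be safer for links opened in a new tab, assuming string rules are matched against the full attribute value. `paragraph_plugin.save` continues past the end of the hunk.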
|
||||
|
|
|
@ -26,7 +26,6 @@ var ExtractTextWebpackPlugin = require('extract-text-webpack-plugin');
|
|||
module.exports = {
|
||||
|
||||
entry: {
|
||||
"whatwg-fetch": "whatwg-fetch",
|
||||
"codex-editor": "./codex"
|
||||
},
|
||||
output: {
|
||||
|
@ -37,7 +36,7 @@ module.exports = {
|
|||
watch: true,
|
||||
|
||||
watchOptions: {
|
||||
aggregateTimeOut: 100
|
||||
aggregateTimeOut: 50
|
||||
},
|
||||
|
||||
devtool: NODE_ENV == 'development' ? "source-map" : null,
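Review bot: The changed `aggregateTimeOut` line probably has no effect, because webpack's watch option is spelled `aggregateTimeout`; with the capital `O` the key is likely ignored and the default delay applies. Suggested: `aggregateTimeout: 50`. The config object continues outside the hunk.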
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long