audiobookshelf-pgodwin/server/utils/htmlSanitizer.js

40 lines
1016 B
JavaScript

const sanitizeHtml = require('../libs/sanitizeHtml')
const {entities} = require("./htmlEntities");
function sanitize(html) {
const sanitizerOptions = {
allowedTags: [
'p', 'ol', 'ul', 'li', 'a', 'strong', 'em', 'del'
],
disallowedTagsMode: 'discard',
allowedAttributes: {
a: ['href', 'name', 'target']
},
allowedSchemes: ['https'],
allowProtocolRelative: false
}
return sanitizeHtml(html, sanitizerOptions)
}
module.exports.sanitize = sanitize
function stripAllTags(html, shouldDecodeEntities = true) {
const sanitizerOptions = {
allowedTags: [],
disallowedTagsMode: 'discard'
}
let sanitized = sanitizeHtml(html, sanitizerOptions)
return shouldDecodeEntities ? decodeHTMLEntities(sanitized) : sanitized
}
module.exports.stripAllTags = stripAllTags
function decodeHTMLEntities(strToDecode) {
return strToDecode.replace(/\&([^;]+);?/g, function (entity) {
if (entity in entities) {
return entities[entity]
}
return entity;
})
}