mirror of
https://github.com/danog/blackfriday.git
synced 2024-11-27 04:24:41 +01:00
tagWhitelist allows alignment attribute now
This is the closest I could get to removing everything "unsave" without introducing an additional regex.
This commit is contained in:
parent
c1e4996787
commit
be9cbc634a
9
html.go
9
html.go
@ -78,8 +78,15 @@ var (
|
|||||||
"tbody",
|
"tbody",
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
alignments = []string{
|
||||||
|
"left",
|
||||||
|
"right",
|
||||||
|
"center",
|
||||||
|
}
|
||||||
|
|
||||||
urlRe = `((https?|ftp):\/\/|\/)[-A-Za-z0-9+&@#\/%?=~_|!:,.;\(\)]+`
|
urlRe = `((https?|ftp):\/\/|\/)[-A-Za-z0-9+&@#\/%?=~_|!:,.;\(\)]+`
|
||||||
tagWhitelist = regexp.MustCompile(`^(<\/?(` + strings.Join(tags, "|") + `)>|<(br|hr)\s?\/?>)$`)
|
tagWhitelist = regexp.MustCompile(`^(<\/?(` + strings.Join(tags, "|") + `)(\salign="(` + strings.Join(alignments, "|") + `)")?>|<(br|hr)\s?\/?>)$`)
|
||||||
anchorClean = regexp.MustCompile(`^(<a\shref="` + urlRe + `"(\stitle="[^"<>]+")?\s?>|<\/a>)$`)
|
anchorClean = regexp.MustCompile(`^(<a\shref="` + urlRe + `"(\stitle="[^"<>]+")?\s?>|<\/a>)$`)
|
||||||
imgClean = regexp.MustCompile(`^(<img\ssrc="` + urlRe + `"(\swidth="\d{1,3}")?(\sheight="\d{1,3}")?(\salt="[^"<>]*")?(\stitle="[^"<>]*")?\s?\/?>)$`)
|
imgClean = regexp.MustCompile(`^(<img\ssrc="` + urlRe + `"(\swidth="\d{1,3}")?(\sheight="\d{1,3}")?(\salt="[^"<>]*")?(\stitle="[^"<>]*")?\s?\/?>)$`)
|
||||||
// TODO: improve this regexp to catch all possible entities:
|
// TODO: improve this regexp to catch all possible entities:
|
||||||
|
Loading…
Reference in New Issue
Block a user