mirror of
				https://github.com/advplyr/audiobookshelf.git
				synced 2025-10-24 23:38:56 -04:00 
			
		
		
		
	
		
			
				
	
	
		
			40 lines
		
	
	
		
			1016 B
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
			
		
		
	
	
			40 lines
		
	
	
		
			1016 B
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
| const sanitizeHtml = require('../libs/sanitizeHtml')
 | |
| const {entities} = require("./htmlEntities");
 | |
| 
 | |
| function sanitize(html) {
 | |
|   const sanitizerOptions = {
 | |
|     allowedTags: [
 | |
|       'p', 'ol', 'ul', 'li', 'a', 'strong', 'em', 'del'
 | |
|     ],
 | |
|     disallowedTagsMode: 'discard',
 | |
|     allowedAttributes: {
 | |
|       a: ['href', 'name', 'target']
 | |
|     },
 | |
|     allowedSchemes: ['https'],
 | |
|     allowProtocolRelative: false
 | |
|   }
 | |
| 
 | |
|   return sanitizeHtml(html, sanitizerOptions)
 | |
| }
 | |
| module.exports.sanitize = sanitize
 | |
| 
 | |
| function stripAllTags(html, shouldDecodeEntities = true) {
 | |
|   const sanitizerOptions = {
 | |
|     allowedTags: [],
 | |
|     disallowedTagsMode: 'discard'
 | |
|   }
 | |
| 
 | |
|   let sanitized = sanitizeHtml(html, sanitizerOptions)
 | |
|   return shouldDecodeEntities ? decodeHTMLEntities(sanitized) : sanitized
 | |
| }
 | |
| module.exports.stripAllTags = stripAllTags
 | |
| 
 | |
| function decodeHTMLEntities(strToDecode) {
 | |
|   return strToDecode.replace(/\&([^;]+);?/g, function (entity) {
 | |
|     if (entity in entities) {
 | |
|       return entities[entity]
 | |
|     }
 | |
|     return entity;
 | |
|   })
 | |
| }
 |