Introduces a standalone html sanitizer class (#37750).

Patch by Jens Krämer. git-svn-id: https://svn.redmine.org/redmine/trunk@21900 e93f8b46-1217-0410-a6f0-8f06a7374b81
2025-11-05 04:45:57 +01:00 · 2022-10-04 19:49:00 +00:00
parent a561d23bd4
commit 39151a89b6
2 changed files with 60 additions and 0 deletions
--- a/lib/redmine/wiki_formatting/html_sanitizer.rb
+++ b/lib/redmine/wiki_formatting/html_sanitizer.rb
@@ -0,0 +1,20 @@
+module Redmine
+  module WikiFormatting
+
+    # Combination of SanitizationFilter and ExternalLinksFilter
+    class HtmlSanitizer
+
+      Pipeline = HTML::Pipeline.new([
+        Redmine::WikiFormatting::CommonMark::SanitizationFilter,
+        Redmine::WikiFormatting::CommonMark::ExternalLinksFilter,
+      ], {})
+
+      def self.call(html)
+        result = Pipeline.call html
+        result[:output].to_s
+      end
+    end
+
+  end
+end
+