# frozen_string_literal: true require 'singleton' require_relative './sanitize_config' class HTMLRenderer < Redcarpet::Render::HTML def block_code(code, language) "
#{encode(code).gsub("\n", "
")}
"
end
def autolink(link, link_type)
return link if link_type == :email
Formatter.instance.link_url(link)
end
private
def html_entities
@html_entities ||= HTMLEntities.new
end
def encode(html)
html_entities.encode(html)
end
end
class Formatter
include Singleton
include RoutingHelper
include ActionView::Helpers::TextHelper
BBCODE_TAGS = {
:url => {
:html_open => '', :html_close => '',
:description => '', :example => '',
:allow_quick_param => true, :allow_between_as_param => false,
:quick_param_format => /(\S+)/,
:quick_param_format_description => 'The size parameter \'%param%\' is incorrect, a number is expected',
:param_tokens => [{:token => :url}]
},
:ul => {
:html_open => '', :html_close => '', :description => '', :example => '', }, :kbd => { :html_open => '
', :html_close => '
',
:description => '', :example => '',
},
:code => {
:html_open => '', :html_close => '', :description => '', :example => '', }, :u => { :html_open => '', :html_close => '', :description => '', :example => '', }, :s => { :html_open => '
— #{encode(footer)}
" end def bbcode_formatter(html) begin html = html.bbcode_to_html(false, BBCODE_TAGS, :enable, *BBCODE_TAGS.keys) rescue Exception => e end html end def markdown_formatter return @markdown_formatter if defined?(@markdown_formatter) extensions = { autolink: true, no_intra_emphasis: true, fenced_code_blocks: true, disable_indented_code_blocks: true, strikethrough: true, lax_spacing: true, space_after_headers: true, superscript: true, underline: true, highlight: true, footnotes: false, } renderer = HTMLRenderer.new({ filter_html: false, escape_html: false, no_images: true, no_styles: true, safe_links_only: true, hard_wrap: true, link_attributes: { target: '_blank', rel: 'nofollow noopener' }, }) @markdown_formatter = Redcarpet::Markdown.new(renderer, extensions) end def html_entities @html_entities ||= HTMLEntities.new end def encode(html) html_entities.encode(html) end def encode_and_link_urls(html, accounts = nil, options = {}) if accounts.is_a?(Hash) options = accounts accounts = nil end entities = options[:keep_html] ? html_friendly_extractor(html) : utf8_friendly_extractor(html, extract_url_without_protocol: false) rewrite(html.dup, entities, options[:keep_html]) do |entity| if entity[:url] link_to_url(entity, options) elsif entity[:hashtag] link_to_hashtag(entity) elsif entity[:screen_name] link = link_to_pseudo(entity[:screen_name]) link.nil? ? link_to_mention(entity, accounts) : link end end end def count_tag_nesting(tag) if tag[1] == '/' then -1 elsif tag[-2] == '/' then 0 else 1 end end def encode_custom_emojis(html, emojis, animate = false) return html if emojis.empty? emoji_map = if animate emojis.each_with_object({}) { |e, h| h[e.shortcode] = full_asset_url(e.image.url) } else emojis.each_with_object({}) { |e, h| h[e.shortcode] = full_asset_url(e.image.url(:static)) } end i = -1 tag_open_index = nil inside_shortname = false shortname_start_index = -1 invisible_depth = 0 while i + 1 < html.size i += 1 if invisible_depth.zero? && inside_shortname && html[i] == ':' shortcode = html[shortname_start_index + 1..i - 1] emoji = emoji_map[shortcode] if emoji replacement = "" before_html = shortname_start_index.positive? ? html[0..shortname_start_index - 1] : '' html = before_html + replacement + html[i + 1..-1] i += replacement.size - (shortcode.size + 2) - 1 else i -= 1 end inside_shortname = false elsif tag_open_index && html[i] == '>' tag = html[tag_open_index..i] tag_open_index = nil if invisible_depth.positive? invisible_depth += count_tag_nesting(tag) elsif tag == '' invisible_depth = 1 end elsif html[i] == '<' tag_open_index = i inside_shortname = false elsif !tag_open_index && html[i] == ':' inside_shortname = true shortname_start_index = i end end html end def rewrite(text, entities, keep_html = false) text = text.to_s # Sort by start index entities = entities.sort_by do |entity| indices = entity.respond_to?(:indices) ? entity.indices : entity[:indices] indices.first end result = [] last_index = entities.reduce(0) do |index, entity| indices = entity.respond_to?(:indices) ? entity.indices : entity[:indices] result << (keep_html ? text[index...indices.first] : encode(text[index...indices.first])) result << yield(entity) indices.last end result << (keep_html ? text[last_index..-1] : encode(text[last_index..-1])) result.flatten.join end UNICODE_ESCAPE_BLACKLIST_RE = /\p{Z}|\p{P}/ def utf8_friendly_extractor(text, options = {}) old_to_new_index = [0] escaped = text.chars.map do |c| output = begin if c.ord.to_s(16).length > 2 && UNICODE_ESCAPE_BLACKLIST_RE.match(c).nil? CGI.escape(c) else c end end old_to_new_index << old_to_new_index.last + output.length output end.join # Note: I couldn't obtain list_slug with @user/list-name format # for mention so this requires additional check special = Extractor.extract_urls_with_indices(escaped, options).map do |extract| new_indices = [ old_to_new_index.find_index(extract[:indices].first), old_to_new_index.find_index(extract[:indices].last), ] next extract.merge( indices: new_indices, url: text[new_indices.first..new_indices.last - 1] ) end standard = Extractor.extract_entities_with_indices(text, options) Extractor.remove_overlapping_entities(special + standard) end def html_friendly_extractor(html, options = {}) gaps = [] total_offset = 0 escaped = html.gsub(/<[^>]*>/) do |match| total_offset += match.length - 1 end_offset = Regexp.last_match.end(0) gaps << [end_offset - total_offset, total_offset] "\u200b" end entities = Extractor.extract_hashtags_with_indices(escaped, :check_url_overlap => false) + Extractor.extract_mentions_or_lists_with_indices(escaped) Extractor.remove_overlapping_entities(entities).map do |extract| pos = extract[:indices].first offset_idx = gaps.rindex { |gap| gap.first <= pos } offset = offset_idx.nil? ? 0 : gaps[offset_idx].last next extract.merge( :indices => [extract[:indices].first + offset, extract[:indices].last + offset] ) end end def link_to_url(entity, options = {}) url = Addressable::URI.parse(entity[:url]) html_attrs = { target: '_blank', rel: 'nofollow noopener' } html_attrs[:rel] = "me #{html_attrs[:rel]}" if options[:me] Twitter::Autolink.send(:link_to_text, entity, link_html(entity[:url]), url, html_attrs) rescue Addressable::URI::InvalidURIError, IDN::Idna::IdnaError encode(entity[:url]) end def link_to_mention(entity, linkable_accounts) acct = entity[:screen_name] return link_to_account(acct) unless linkable_accounts account = linkable_accounts.find { |item| TagManager.instance.same_acct?(item.acct, acct) } account ? mention_html(account) : "@#{encode(acct)}" end def link_to_account(acct) username, domain = acct.split('@') domain = nil if TagManager.instance.local_domain?(domain) account = EntityCache.instance.mention(username, domain) account ? mention_html(account) : "@#{encode(acct)}" end def link_to_hashtag(entity) hashtag_html(entity[:hashtag]) end def link_html(url) url = Addressable::URI.parse(url).to_s prefix = url.match(/\Ahttps?:\/\/(www\.)?/).to_s text = url[prefix.length, 30] suffix = url[prefix.length + 30..-1] cutoff = url[prefix.length..-1].length > 30 "#{encode(prefix)}#{encode(text)}#{encode(suffix)}" end def hashtag_html(tag) "##{encode(tag)}" end def mention_html(account) "@#{encode(account.username)}" end def link_to_pseudo(acct) username, domain = acct.split('@') case domain when 'twitter.com' return link_to_twitter(username) when 'tumblr.com' return link_to_tumblr(username) when 'weasyl.com' return link_to_weasyl(username) when 'furaffinity.net' return link_to_furaffinity(username) when 'furrynetwork.com', 'beta.furrynetwork.com' return link_to_furrynetwork(username) when 'sofurry.com' return link_to_sofurry(username) when 'inkbunny.net' return link_to_inkbunny(username) when 'e621.net' return link_to_e621(username) when 'e926.net' return link_to_e926(username) when 'f-list.net' return link_to_flist(username) when 'deviantart.com' return link_to_deviantart(username) when 'artstation.com' return link_to_artstation(username) when 'github.com' return link_to_github(username) when 'gitlab.com' return link_to_gitlab(username) else return nil end end def link_to_twitter(username) "@#{username}@twitter.com" end def link_to_tumblr(username) "@#{username}@tumblr.com" end def link_to_weasyl(username) "@#{username}@weasyl.com" end def link_to_furaffinity(username) "@#{username}@furaffinity.net" end def link_to_furrynetwork(username) "@#{username}@furrynetwork.com" end def link_to_inkbunny(username) "@#{username}@inkbunny.net" end def link_to_sofurry(username) "@#{username}@sofurry.com" end def link_to_e621(username) "@#{username}@e621.net" end def link_to_e926(username) "@#{username}@e926.net" end def link_to_flist(username) "@#{username}@f-list.net" end def link_to_deviantart(username) "@#{username}@deviantart.com" end def link_to_artstation(username) "@#{username}@artstation.com" end def link_to_github(username) "@#{username}@github.com" end def link_to_gitlab(username) "@#{username}@gitlab.com" end end