mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-22 06:06:45 +00:00
Use rich OEmbed content when it conforms to Mastodon's sanitization
This commit is contained in:
parent
c1de673060
commit
81e23191cf
|
@ -136,8 +136,13 @@ class FetchLinkCardService < BaseService
|
||||||
@card.html = Sanitize.fragment(embed[:html], Sanitize::Config::MASTODON_OEMBED)
|
@card.html = Sanitize.fragment(embed[:html], Sanitize::Config::MASTODON_OEMBED)
|
||||||
@card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present?
|
@card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present?
|
||||||
when 'rich'
|
when 'rich'
|
||||||
# Most providers rely on <script> tags, which is a no-no
|
sanitized_rich_html = Sanitize.fragment(embed[:html], Sanitize::Config::MASTODON_OEMBED)
|
||||||
return false
|
return false if sanitized_rich_html != embed[:html]
|
||||||
|
|
||||||
|
@card.width = embed[:width].presence || 0
|
||||||
|
@card.height = embed[:height].presence || 0
|
||||||
|
@card.html = sanitized_rich_html
|
||||||
|
@card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present?
|
||||||
end
|
end
|
||||||
|
|
||||||
@card.save_with_optional_image!
|
@card.save_with_optional_image!
|
||||||
|
|
Loading…
Reference in a new issue