UNPKG

@waline/vercel

Version:

vercel server for waline comment system

github.com/walinejs/waline

47 lines (39 loc) 1.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
const createDOMPurify = require('dompurify'); const { JSDOM } = require('jsdom'); const DOMPurify = createDOMPurify(new JSDOM('').window); // try to fix https://github.com/walinejs/waline/issues/3238 DOMPurify.addHook('uponSanitizeElement', (node, data) => { if (data.tagName === 'annotation') { node.remove(); } }); /** * Add a hook to make all links open a new window * and force their rel to be 'nofollow noreferrer noopener' */ DOMPurify.addHook('afterSanitizeAttributes', (node) => { // set all elements owning target to target=_blank if ('target' in node && node.href && !node.href.startsWith('about:blank#')) { node.setAttribute('target', '_blank'); node.setAttribute('rel', 'nofollow noreferrer noopener'); } // set non-HTML/MathML links to xlink:show=new if ( !node.hasAttribute('target') && (node.hasAttribute('xlink:href') || node.hasAttribute('href')) ) { node.setAttribute('xlink:show', 'new'); } if ('preload' in node) { node.setAttribute('preload', 'none'); } }); const sanitize = (content) => DOMPurify.sanitize(content, { FORBID_TAGS: ['form', 'input', 'style'], FORBID_ATTR: ['autoplay', 'style'], ...think.config('domPurify'), }); module.exports = { sanitize, };