UNPKG

ui-kit

Version:

user interface kit

github.com/ui-kit/ui-kit

ui-kit/ui-kit

81 lines (74 loc) 2.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
var objectAssign = require('object-assign'); var DOMPurify = require('dompurify'); var defaults = { ALLOWED_TAGS: [ 'a', 'b', 'br', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'i', 'iframe', 'img', 'p', 'small', 'sub', 'sup', 'span' ], RETURN_DOM: true, REMOVE_EMPTY_PARAGRAPHS: true, CUSTOM_CLASSES: { 'a': 'link', 'iframe_container': 'embedded-iframe-container' } }; DOMPurify.addHook('afterSanitizeAttributes', function (node) { // set all elements owning target to target=_blank if ('target' in node) { node.setAttribute('target','_blank'); } // set non-HTML/MathML links to xlink:show=new if (!node.hasAttribute('target') && (node.hasAttribute('xlink:href') || node.hasAttribute('href'))){ node.setAttribute('xlink:show', 'new'); } }); DOMPurify.addHook('afterSanitizeAttributes', function (node, data, config) { if (!config.CUSTOM_CLASSES) return; var className = config.CUSTOM_CLASSES[node.nodeName.toLowerCase()] if (!!className) node.classList.add(className); }); DOMPurify.addHook('afterSanitizeElements', function (node, data, config) { if (node.nodeName.toLowerCase() === 'iframe') { node.width = '100%'; node.style.width = '100%'; } }); function wrapIframes (val, options) { if (!val) return ''; var iframes = val.getElementsByTagName('iframe'); if (iframes.length) { var iframeContainerClass = options.CUSTOM_CLASSES.iframe_container for (var i = 0; i < iframes.length; i++) { var iframe = iframes[i]; iframe.setAttribute('allowfullscreen', true); var heightClass = iframe.height || iframe.style.height ? 'has-height' : '' if (!iframe.parentNode.classList.contains(iframeContainerClass)) { iframe.outerHTML = `<div class='${iframeContainerClass} ${heightClass}'>${iframe.outerHTML}</div>`; } } } return val.innerHTML || ''; } exports.sanitize = function (dirty, config) { var options = objectAssign({}, defaults, config); var val = wrapIframes(DOMPurify.sanitize(dirty, options), options); val = val.replace(/&nbsp;/g, ' '); if (options.REMOVE_EMPTY_PARAGRAPHS) val = val.replace(/<p><\/p>/g, ''); return val; } exports['default'] = DOMPurify;