-
Notifications
You must be signed in to change notification settings - Fork 140
/
config.js
66 lines (62 loc) · 1.82 KB
/
config.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
// config.js
import { clone } from 'bellajs'
const sanitizeHtmlOptions = {
allowedTags: [
'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
'u', 'b', 'i', 'em', 'strong', 'small', 'sup', 'sub',
'div', 'span', 'p', 'article', 'blockquote', 'section',
'details', 'summary',
'pre', 'code',
'ul', 'ol', 'li', 'dd', 'dl',
'table', 'th', 'tr', 'td', 'thead', 'tbody', 'tfood',
'fieldset', 'legend',
'figure', 'figcaption', 'img', 'picture',
'video', 'audio', 'source',
'iframe',
'progress',
'br', 'p', 'hr',
'label',
'abbr',
'a',
'svg',
],
allowedAttributes: {
h1: ['id'],
h2: ['id'],
h3: ['id'],
h4: ['id'],
h5: ['id'],
h6: ['id'],
a: ['href', 'target', 'title'],
abbr: ['title'],
progress: ['value', 'max'],
img: ['src', 'srcset', 'alt', 'title'],
picture: ['media', 'srcset'],
video: ['controls', 'width', 'height', 'autoplay', 'muted', 'loop', 'src'],
audio: ['controls', 'width', 'height', 'autoplay', 'muted', 'loop', 'src'],
source: ['src', 'srcset', 'data-srcset', 'type', 'media', 'sizes'],
iframe: ['src', 'frameborder', 'height', 'width', 'scrolling', 'allow'],
svg: ['width', 'height'], // sanitize-html does not support svg fully yet
},
allowedIframeDomains: [
'youtube.com', 'vimeo.com', 'odysee.com',
'soundcloud.com', 'audius.co',
'github.com', 'codepen.com',
'twitter.com', 'facebook.com', 'instagram.com',
],
disallowedTagsMode: 'discard',
allowVulnerableTags: false,
parseStyleAttributes: false,
enforceHtmlBoundary: false,
}
/**
* @returns {SanitizeOptions}
*/
export const getSanitizeHtmlOptions = () => {
return clone(sanitizeHtmlOptions)
}
export const setSanitizeHtmlOptions = (opts = {}) => {
Object.keys(opts).forEach((key) => {
sanitizeHtmlOptions[key] = clone(opts[key])
})
}