Commit Graph

118 Commits

Author SHA1 Message Date
Bastian
179f9a1943 Use default options from sanitizeHtmlParams for sanitizeHtml()
Signed-off-by: Bastian <matrix@noxware.de>
2019-02-07 14:33:19 +01:00
Bastian
9cd13a8893 Add HtmlUtils.linkifyString()
Add HtmlUtils.linkifyElement()

Add HtmlUtils.linkifyAndSanitize()

Refactor module imports

Signed-off-by: Bastian <matrix@noxware.de>
2019-01-31 22:26:24 +01:00
Aaron Raimist
49ce4ef117
eslint --fix src/
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2018-10-26 22:50:38 -05:00
Michael Telatynski
f5856270cc
undo removal of stripping <p>s as it breaks HTML /mes
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-07-18 10:48:54 +01:00
Michael Telatynski
19e5dc5799
do less rewriting for composer quote to prevent breaking pills
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-07-18 10:10:42 +01:00
Matthew Hodgson
021409aafe
apply review feedback from @lukebarnard1
(cherry picked from commit 37d4bce)
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-07-09 19:54:57 +01:00
Matthew Hodgson
efdc5430d7 merge develop 2018-07-09 17:50:07 +01:00
Michael Telatynski
9ee78de7e5
pr iteration, don't assume js-sdk stores group stuff other than groupId
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-06-22 12:05:46 +01:00
Michael Telatynski
72f50a8c61
rewrite group permalinks in <a hrefs> also
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-06-19 11:51:06 +01:00
Matthew Hodgson
7de45f8b7b make quoting work 2018-05-21 03:48:59 +01:00
Matthew Hodgson
c5676eef89 comment out more old draft stuff 2018-05-20 14:32:06 +01:00
Jonas Schürmann
4a9f4ba5eb Fix vector-im/riot-web#6523 Emoji rendering destroys paragraphs
This regression was probably introduced in
4f4441fb07 and is caused by the fact that
the variable `isHtml` conflates two different meanings:

- The event contains an HTML message
- The event message is displayed using HTML

This is an important difference. Plain text messages that contain
emojies are rendered with an HTML string and thus have to be sanitized
etc. But they must not use the MarkDown CSS styles for HTML messages.

The MarkDown CSS styles include `whitespace: normal` because HTML events
use `<br/>`-tags for line breaks. Plain text messages with emojies
obviously don't use `<br/>`-tags, so these styles must not be applied.

Signed-off-by: Jonas Schürmann <jonasschuermann@aol.de>
2018-05-17 20:12:51 +02:00
Michael Telatynski
dbbcabfed8
switch from asymmetrical fallback form to a cleaner one mx-reply
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-05-12 15:58:25 +01:00
Michael Telatynski
4a0a5c6bef
Merge remote-tracking branch 'origin/t3chguy/m.relates_to' into t3chguy/m.relates_to 2018-04-27 11:23:12 +01:00
Michael Telatynski
3de679b084
Add comment to HtmlUtils.js
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-04-27 11:14:50 +01:00
Michael Telatynski
0f11bc62cc
undo code style change 2018-04-23 10:58:39 +01:00
Michael Telatynski
2854f2b6c8
allow BigEmoji calc to ignore replies fallback if enabled
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-04-04 10:36:48 +01:00
Michael Telatynski
a390cecf92
fix missing null-guard
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-03-29 17:34:08 +01:00
Michael Telatynski
b5ed08eba2
Merge
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-03-24 17:52:49 +00:00
Luke Barnard
4f4441fb07 Only use dangerouslySetInnerHTML for HTML messages
...and plain messages with emoji that we replace with <img> tags
amonst the html-escaped `content.body`.
2018-03-13 17:15:16 +00:00
Michael Telatynski
3b02766be9
isHtml makes no sense if there is no formatted_body
this is a bug pre-replies but replies exacerbates it

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-03-05 07:33:18 +00:00
Michael Telatynski
df56a67fda
Add reply fallback and run gen-i18n
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-03-04 12:39:34 +00:00
David Baker
3e4175f3e0 Add isUrlPermitted function 2018-02-09 12:20:05 +00:00
Luke Barnard
d14f943629 Ignore img tags in HTML if src is not specified
This applies to HTML messages and group summaries.
2017-11-06 17:52:46 +00:00
Matthew Hodgson
67ba0e59a2 Merge pull request #1301 from zeroware/develop
Include magnet scheme in sanitize HTML params
2017-10-14 23:48:43 +01:00
Michael Telatynski
c1edc0c32e
add option to disable BigEmoji
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2017-10-14 19:40:45 +01:00
Luke Barnard
d3f9a3aeb5 Run eslint --fix
Fixing 1000s of lint issues. Some rules cannot be `--fix`ed but this goes some way to linting the entire codebase.
2017-10-11 17:56:17 +01:00
David Baker
bfedcd1ff0 Don't check for only-emoji if there were none
We were still running the emojione regex on all messages to
determine if they were *only* emoji (for the big emoji). This is
pointless on messages that we already know don't have emoji.

Also stop exporting unicodeToImage because it isn't used anywhere.
2017-09-15 12:03:32 +01:00
David Baker
803e8f93e3 Fix emojification of symbol characters
Emojione has graphics for a lot of the symbol / dingbat characters
which are within the basic multilingual plane, but the new
fast-path regex was only detecthing surrogate pairs, so not
counting the symbols as emoji.
2017-09-15 11:43:55 +01:00
Michael Telatynski
39470c44a3
Merge branch 'develop' of github.com:matrix-org/matrix-react-sdk into t3chguy/sub-sup 2017-09-13 12:15:12 +01:00
Michael Telatynski
a0855a2869
allow sending sub,sup and whitelist them on receive
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2017-09-13 12:04:46 +01:00
David Baker
7617788345 Merge pull request #1372 from matrix-org/dbkr/emoji_fast_path
Fast path for emojifying strings
2017-09-10 17:44:02 +01:00
David Baker
876257f4e2 Consolidate the code copy button
Adding the code code button was done by manipulating the HTML of
the event body to add a span tag, then adding the onclick handler
after the thing was mounted. Apart from splitting the code between
two places, adding the span tag was, according to Chrome's
profiler, taking up quite a lot of CPU cycles (apparently as soon
as you set the innerHTML on a div). Instead, just build the whole
lot together after the component mounts.
2017-09-10 14:23:33 +01:00
David Baker
fe79010e4e Only add the code copy button for HTML messages
Trivial fast-path optimisation: plain text messages cannot possibly contain pre
blocks so there's no point in trying to parse them in order to add code copy
buttons.
2017-09-08 23:36:22 +01:00
David Baker
ea5726aa4e Copyright 2017-09-08 23:14:06 +01:00
David Baker
ec3ff529e7 Fast path for emojifying strings
Emojione's regex for detecting emoji is *enourmous* and we were
running it on every display name, room name, message etc every time
those components mounted. Add a much simpler regex to rule out the
majority of strings that contain no emoji and fast-path them.

Makes room switching about 10% faster (in my tests with all the
profiling turned on).
2017-09-08 23:05:27 +01:00
Zero
798d68b4c8 Include magnet scheme in sanitize HTML params
Update HtmlUtils sanitze-html params to include the magnet scheme
2017-08-14 19:42:00 +02:00
Hubert Chathi
df71502dbb allow width, height, alt, title attributes in img
fixes vector-im/riot-web#4646

Signed-off-by: Hubert Chathi <hubert@uhoreg.ca>
2017-07-25 10:43:40 -04:00
Luke Barnard
0df144cb62 Update unicodeToImage to maintain compatibility with emojione
We recently updated our version of emojione but this update included the addition of emoji represented in unicode with ZWJ (Zero-Width-Joiners). These ZWJs are not present in the asset file names, so any emoji with ZWJ in them were just not found (404 on the web client).

This updates `unicodeToImage` to be compatible with emojione 2.2.7 so that the correct filenames are used when converting from unicode to <img>.
2017-07-11 18:27:35 +01:00
Luke Barnard
dfa97e8452 Add comment 2017-07-10 17:48:01 +01:00
Luke Barnard
6877b99435 Strip <img src="https?://..">s when transforming imgs instead of using allowedSchemesByTag 2017-07-10 17:44:49 +01:00
Luke Barnard
bb9080425a Allow image tags with src attributes with schemes http[s]
And transform `mxc:*` URLs to `https?://`
2017-07-10 16:27:23 +01:00
Luke Barnard
96f5f92c7f Disallow data attribute, we don't need it currently 2017-07-10 15:44:46 +01:00
Luke Barnard
f9ee89b2f4 Merge branch 'develop' into matthew/whitelist-uri-schemes 2017-07-10 15:42:03 +01:00
Luke Barnard
32a01b54b8 Merge branch 'develop' into erikj/group_server 2017-07-07 10:08:49 +01:00
Luke Barnard
e7a2c3b975 Only send HTML when using RTE when necessary
When there are no styled blocks or inline styles applied within blocks, just send text instead of HTML.

Also, don't add <br /> for the last <p> (the last block).

Fixes https://github.com/vector-im/riot-web/issues/3147
2017-06-30 11:27:00 +01:00
Luke Barnard
9b24f70d00 Update comment 2017-06-28 14:29:53 +01:00
Luke Barnard
eeb1c33868 Do the less invasive fix of replacing <br>\n with \n but only within <pre> 2017-06-28 14:27:24 +01:00
Luke Barnard
f73fa4b49b Move processing into renamed function processHtmlforSending
And explain why this fix is necessary
2017-06-28 11:49:50 +01:00
Johannes Löthberg
661e6a6d01 HtmlUtils: Allow language- classes on code blocks through the sanitizer
This is required to be able to specify the highlight language in fenced
blocks like the following:

    ```python
    print("foo")
    ```

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2017-06-26 17:45:38 +02:00