Switch to html-sanitizer (issue #92)

Squashed commit of the following: commit 504fb82beea5eff26591e117496d41c88f3737e4 Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Fri Jan 25 16:59:05 2019 +0000 Fix coding style issue commit 0ae14f0d90f131d65894abdc36f787032c7c97db Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Fri Jan 25 16:57:26 2019 +0000 html-sanitizer output differs slightly from HTMLPurifier commit c5912312e0c8a41dbd7f7e52489e516d9784bc26 Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Fri Jan 25 16:56:54 2019 +0000 Use html-sanitizer instead of HTMLPruifier, consolidate logic into a trait commit 563b5b5ae8e2ef9c5aeb87214acab8fa9b0683ce Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Fri Jan 25 16:56:10 2019 +0000 Add html-sanitizer instead of HTMLPurifier
2019-01-25 17:21:32 +00:00 · 2019-01-25 17:21:32 +00:00 · ae77ef3423
commit ae77ef3423
parent 427b79f278
6 changed files with 211 additions and 87 deletions
--- a/app/Models/Like.php
+++ b/app/Models/Like.php
@ -5,12 +5,13 @@ declare(strict_types=1);
 namespace App\Models;

 use Mf2;
-use HTMLPurifier;
-use HTMLPurifier_Config;
+use App\Traits\FilterHtml;
 use Illuminate\Database\Eloquent\Model;

 class Like extends Model
 {
+    use FilterHtml;
+
    protected $fillable = ['url'];

    /**
@ -48,27 +49,11 @@ class Like extends Model
        $mf2 = Mf2\parse($value, $this->url);

        if (array_get($mf2, 'items.0.properties.content.0.html')) {
-            return $this->filterHTML(
+            return $this->filterHtml(
                $mf2['items'][0]['properties']['content'][0]['html']
            );
        }

        return $value;
    }
-
-    /**
-     * Filter some HTML with HTMLPurifier.
-     *
-     * @param  string  $html
-     * @return string
-     */
-    private function filterHTML(string $html): string
-    {
-        $config = HTMLPurifier_Config::createDefault();
-        $config->set('Cache.SerializerPath', storage_path() . '/HTMLPurifier');
-        $config->set('HTML.TargetBlank', true);
-        $purifier = new HTMLPurifier($config);
-
-        return $purifier->purify($html);
-    }
 }
--- a/app/Models/WebMention.php
+++ b/app/Models/WebMention.php
@ -6,14 +6,15 @@ namespace App\Models;

 use Cache;
 use Twitter;
-use HTMLPurifier;
-use HTMLPurifier_Config;
+use App\Traits\FilterHtml;
 use Illuminate\Filesystem\Filesystem;
 use Illuminate\Database\Eloquent\Model;
 use Jonnybarnes\WebmentionsParser\Authorship;

 class WebMention extends Model
 {
+    use FilterHtml;
+
    /**
     * The database table used by the model.
     *
@ -92,7 +93,7 @@ class WebMention extends Model
        }
        $microformats = json_decode($this->mf2, true);
        if (isset($microformats['items'][0]['properties']['content'][0]['html'])) {
-            return $this->filterHTML($microformats['items'][0]['properties']['content'][0]['html']);
+            return $this->filterHtml($microformats['items'][0]['properties']['content'][0]['html']);
        }

        return null;
@ -130,20 +131,4 @@ class WebMention extends Model

        return $url;
    }
-
-    /**
-     * Filter the HTML in a reply webmention.
-     *
-     * @param  string  $html
-     * @return string
-     */
-    private function filterHTML(string $html): string
-    {
-        $config = HTMLPurifier_Config::createDefault();
-        $config->set('Cache.SerializerPath', storage_path() . '/HTMLPurifier');
-        $config->set('HTML.TargetBlank', true);
-        $purifier = new HTMLPurifier($config);
-
-        return $purifier->purify($html);
-    }
 }