Split Federation as separate context

lib/service/formatter/default_scrubbler.ex

@@ -0,0 +1,69 @@
+# Portions of this file are derived from Pleroma:
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social>
+# SPDX-License-Identifier: AGPL-3.0-only
+# Upstream: https://git.pleroma.social/pleroma/pleroma/blob/develop/lib/pleroma/html.ex
+
+defmodule Mobilizon.Service.Formatter.DefaultScrubbler do
+  @moduledoc """
+  Custom strategy to filter HTML content.
+  """
+
+  alias HtmlSanitizeEx.Scrubber.Meta
+
+  require HtmlSanitizeEx.Scrubber.Meta
+
+  # credo:disable-for-previous-line
+  # No idea how to fix this one…
+
+  Meta.remove_cdata_sections_before_scrub()
+  Meta.strip_comments()
+
+  Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], ["https", "http"])
+
+  Meta.allow_tag_with_this_attribute_values("a", "class", [
+    "hashtag",
+    "u-url",
+    "mention",
+    "u-url mention",
+    "mention u-url"
+  ])
+
+  Meta.allow_tag_with_this_attribute_values("a", "rel", [
+    "tag",
+    "nofollow",
+    "noopener",
+    "noreferrer",
+    "ugc"
+  ])
+
+  Meta.allow_tag_with_these_attributes("a", ["name", "title"])
+
+  Meta.allow_tag_with_these_attributes("abbr", ["title"])
+
+  Meta.allow_tag_with_these_attributes("b", [])
+  Meta.allow_tag_with_these_attributes("blockquote", [])
+  Meta.allow_tag_with_these_attributes("br", [])
+  Meta.allow_tag_with_these_attributes("code", [])
+  Meta.allow_tag_with_these_attributes("del", [])
+  Meta.allow_tag_with_these_attributes("em", [])
+  Meta.allow_tag_with_these_attributes("i", [])
+  Meta.allow_tag_with_these_attributes("li", [])
+  Meta.allow_tag_with_these_attributes("ol", [])
+  Meta.allow_tag_with_these_attributes("p", [])
+  Meta.allow_tag_with_these_attributes("pre", [])
+  Meta.allow_tag_with_these_attributes("strong", [])
+  Meta.allow_tag_with_these_attributes("u", [])
+  Meta.allow_tag_with_these_attributes("ul", [])
+  Meta.allow_tag_with_these_attributes("img", ["src", "alt"])
+
+  Meta.allow_tag_with_this_attribute_values("span", "class", ["h-card", "mention"])
+  Meta.allow_tag_with_these_attributes("span", ["data-user"])
+
+  Meta.allow_tag_with_these_attributes("h1", [])
+  Meta.allow_tag_with_these_attributes("h2", [])
+  Meta.allow_tag_with_these_attributes("h3", [])
+  Meta.allow_tag_with_these_attributes("h4", [])
+  Meta.allow_tag_with_these_attributes("h5", [])
+
+  Meta.strip_everything_not_covered()
+end

lib/service/formatter/formatter.ex

@@ -10,18 +10,18 @@ defmodule Mobilizon.Service.Formatter do
 
   alias Mobilizon.Actors
   alias Mobilizon.Actors.Actor
-  alias Mobilizon.Service.HTML
+  alias Mobilizon.Service.Formatter.HTML
 
   @link_regex ~r"((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+"ui
   @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/
 
   @auto_linker_config hashtag: true,
-                      hashtag_handler: &Mobilizon.Service.Formatter.hashtag_handler/4,
+                      hashtag_handler: &__MODULE__.hashtag_handler/4,
                       mention: true,
-                      mention_handler: &Mobilizon.Service.Formatter.mention_handler/4
+                      mention_handler: &__MODULE__.mention_handler/4
 
   def escape_mention_handler("@" <> nickname = mention, buffer, _, _) do
-    case Mobilizon.Actors.get_actor_by_name(nickname) do
+    case Actors.get_actor_by_name(nickname) do
       %Actor{} ->
         # escape markdown characters with `\\`
         # (we don't want something like @user__name to be parsed by markdown)

lib/service/formatter/html.ex

@@ -0,0 +1,17 @@
+# Portions of this file are derived from Pleroma:
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social>
+# SPDX-License-Identifier: AGPL-3.0-only
+# Upstream: https://git.pleroma.social/pleroma/pleroma/blob/develop/lib/pleroma/html.ex
+
+defmodule Mobilizon.Service.Formatter.HTML do
+  @moduledoc """
+  Service to filter tags out of HTML content.
+  """
+
+  alias HtmlSanitizeEx.Scrubber
+
+  alias Mobilizon.Service.Formatter.DefaultScrubbler
+
+  def filter_tags(html), do: Scrubber.scrub(html, DefaultScrubbler)
+end
+