summaryrefslogtreecommitdiff
path: root/lib/banzai/filter/sanitization_filter.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/banzai/filter/sanitization_filter.rb')
-rw-r--r--lib/banzai/filter/sanitization_filter.rb17
1 files changed, 5 insertions, 12 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb
index afc2ca4e362..8275bb9e149 100644
--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -4,27 +4,20 @@ module Banzai
#
# Extends HTML::Pipeline::SanitizationFilter with a custom whitelist.
class SanitizationFilter < HTML::Pipeline::SanitizationFilter
+ include Gitlab::Utils::StrongMemoize
+
UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze
TABLE_ALIGNMENT_PATTERN = /text-align: (?<alignment>center|left|right)/
def whitelist
- whitelist = super
-
- customize_whitelist(whitelist)
-
- whitelist
+ strong_memoize(:whitelist) do
+ customize_whitelist(super.dup)
+ end
end
private
- def customized?(transformers)
- transformers.last.source_location[0] == __FILE__
- end
-
def customize_whitelist(whitelist)
- # Only push these customizations once
- return if customized?(whitelist[:transformers])
-
# Allow table alignment; we whitelist specific text-align values in a
# transformer below
whitelist[:attributes]['th'] = %w(style)
View Lorry Controller Status