summaryrefslogtreecommitdiff
path: root/lib/banzai
diff options
context:
space:
mode:
Diffstat (limited to 'lib/banzai')
-rw-r--r--lib/banzai/filter/base_sanitization_filter.rb3
-rw-r--r--lib/banzai/filter/custom_emoji_filter.rb12
-rw-r--r--lib/banzai/filter/image_link_filter.rb7
-rw-r--r--lib/banzai/filter/kroki_filter.rb16
-rw-r--r--lib/banzai/filter/plantuml_filter.rb10
-rw-r--r--lib/banzai/filter/repository_link_filter.rb2
-rw-r--r--lib/banzai/pipeline/gfm_pipeline.rb2
7 files changed, 38 insertions, 14 deletions
diff --git a/lib/banzai/filter/base_sanitization_filter.rb b/lib/banzai/filter/base_sanitization_filter.rb
index 4e350a59fa0..3b00d1a9824 100644
--- a/lib/banzai/filter/base_sanitization_filter.rb
+++ b/lib/banzai/filter/base_sanitization_filter.rb
@@ -39,6 +39,9 @@ module Banzai
allowlist[:attributes][:all].delete('name')
allowlist[:attributes]['a'].push('name')
+ allowlist[:attributes]['img'].push('data-diagram')
+ allowlist[:attributes]['img'].push('data-diagram-src')
+
# Allow any protocol in `a` elements
# and then remove links with unsafe protocols
allowlist[:protocols].delete('a')
diff --git a/lib/banzai/filter/custom_emoji_filter.rb b/lib/banzai/filter/custom_emoji_filter.rb
index a5f1a22c483..ae95c7f66b6 100644
--- a/lib/banzai/filter/custom_emoji_filter.rb
+++ b/lib/banzai/filter/custom_emoji_filter.rb
@@ -8,8 +8,7 @@ module Banzai
IGNORED_ANCESTOR_TAGS = %w(pre code tt).to_set
def call
- return doc unless context[:project]
- return doc unless Feature.enabled?(:custom_emoji, context[:project])
+ return doc unless resource_parent
doc.xpath('descendant-or-self::text()').each do |node|
content = node.to_html
@@ -50,12 +49,12 @@ module Banzai
def has_custom_emoji?
strong_memoize(:has_custom_emoji) do
- namespace&.custom_emoji&.any?
+ CustomEmoji.for_resource(resource_parent).any?
end
end
- def namespace
- context[:project].namespace.root_ancestor
+ def resource_parent
+ context[:project] || context[:group]
end
def custom_emoji_candidates
@@ -63,7 +62,8 @@ module Banzai
end
def all_custom_emoji
- @all_custom_emoji ||= namespace.custom_emoji.by_name(custom_emoji_candidates).index_by(&:name)
+ @all_custom_emoji ||=
+ CustomEmoji.for_resource(resource_parent).by_name(custom_emoji_candidates).index_by(&:name)
end
end
end
diff --git a/lib/banzai/filter/image_link_filter.rb b/lib/banzai/filter/image_link_filter.rb
index 44acc7805b4..60881b5f511 100644
--- a/lib/banzai/filter/image_link_filter.rb
+++ b/lib/banzai/filter/image_link_filter.rb
@@ -27,6 +27,13 @@ module Banzai
# make sure the original non-proxied src carries over to the link
link['data-canonical-src'] = img['data-canonical-src'] if img['data-canonical-src']
+ if img['data-diagram'] && img['data-diagram-src']
+ link['data-diagram'] = img['data-diagram']
+ link['data-diagram-src'] = img['data-diagram-src']
+ img.remove_attribute('data-diagram')
+ img.remove_attribute('data-diagram-src')
+ end
+
link.children = if link_replaces_image
img['alt'] || img['data-src'] || img['src']
else
diff --git a/lib/banzai/filter/kroki_filter.rb b/lib/banzai/filter/kroki_filter.rb
index 9aa2afce5a8..845c7f2bc0a 100644
--- a/lib/banzai/filter/kroki_filter.rb
+++ b/lib/banzai/filter/kroki_filter.rb
@@ -25,11 +25,19 @@ module Banzai
diagram_type = node.parent['lang']
diagram_src = node.content
image_src = create_image_src(diagram_type, diagram_format, diagram_src)
- lazy_load = diagram_src.length > MAX_CHARACTER_LIMIT
- other_attrs = lazy_load ? "hidden" : ""
+ img_tag = Nokogiri::HTML::DocumentFragment.parse(%(<img src="#{image_src}" />))
+ img_tag = img_tag.children.first
- img_tag = Nokogiri::HTML::DocumentFragment.parse(%(<img class="js-render-kroki" src="#{image_src}" #{other_attrs} />))
- node.parent.replace(img_tag)
+ unless img_tag.nil?
+ lazy_load = diagram_src.length > MAX_CHARACTER_LIMIT
+ img_tag.set_attribute('hidden', '') if lazy_load
+ img_tag.set_attribute('class', 'js-render-kroki')
+
+ img_tag.set_attribute('data-diagram', node.parent['lang'])
+ img_tag.set_attribute('data-diagram-src', "data:text/plain;base64,#{Base64.strict_encode64(node.content)}")
+
+ node.parent.replace(img_tag)
+ end
end
doc
diff --git a/lib/banzai/filter/plantuml_filter.rb b/lib/banzai/filter/plantuml_filter.rb
index 68a99702d6f..cbcd547120d 100644
--- a/lib/banzai/filter/plantuml_filter.rb
+++ b/lib/banzai/filter/plantuml_filter.rb
@@ -15,8 +15,14 @@ module Banzai
doc.xpath(lang_tag).each do |node|
img_tag = Nokogiri::HTML::DocumentFragment.parse(
- Asciidoctor::PlantUml::Processor.plantuml_content(node.content, {}))
- node.parent.replace(img_tag)
+ Asciidoctor::PlantUml::Processor.plantuml_content(node.content, {})).css('img').first
+
+ unless img_tag.nil?
+ img_tag.set_attribute('data-diagram', 'plantuml')
+ img_tag.set_attribute('data-diagram-src', "data:text/plain;base64,#{Base64.strict_encode64(node.content)}")
+
+ node.parent.replace(img_tag)
+ end
end
doc
diff --git a/lib/banzai/filter/repository_link_filter.rb b/lib/banzai/filter/repository_link_filter.rb
index 408e6dc685d..f5cf1833304 100644
--- a/lib/banzai/filter/repository_link_filter.rb
+++ b/lib/banzai/filter/repository_link_filter.rb
@@ -180,7 +180,7 @@ module Banzai
parts.pop if uri_type(request_path) != :tree
- path.sub!(%r{\A\./}, '')
+ path.delete_prefix!('./')
while path.start_with?('../')
parts.pop
diff --git a/lib/banzai/pipeline/gfm_pipeline.rb b/lib/banzai/pipeline/gfm_pipeline.rb
index df8151b3296..5e7c2f64c92 100644
--- a/lib/banzai/pipeline/gfm_pipeline.rb
+++ b/lib/banzai/pipeline/gfm_pipeline.rb
@@ -15,11 +15,11 @@ module Banzai
# Must always be before the SanitizationFilter to prevent XSS attacks
Filter::SpacedLinkFilter,
Filter::SanitizationFilter,
+ Filter::KrokiFilter,
Filter::AssetProxyFilter,
Filter::SyntaxHighlightFilter,
Filter::MathFilter,
Filter::ColorFilter,
- Filter::KrokiFilter,
Filter::MermaidFilter,
Filter::VideoLinkFilter,
Filter::AudioLinkFilter,
View Lorry Controller Status