diff options
author | Simon Ser <contact@emersion.fr> | 2020-02-25 10:47:38 +0100 |
---|---|---|
committer | Simon Ser <contact@emersion.fr> | 2020-02-25 10:47:38 +0100 |
commit | 62660f8d1d24d8d03d6032b87366ed0e5fd0be41 (patch) | |
tree | 1ae317891fc33565d03b28c6e8313ff24db46585 /plugins | |
parent | 7af7d737003ded76c8f2c876e3460e829d032826 (diff) | |
download | alps-62660f8d1d24d8d03d6032b87366ed0e5fd0be41.tar.gz alps-62660f8d1d24d8d03d6032b87366ed0e5fd0be41.zip |
plugins/viewhtml: add support for inline Content-Id images
Closes: https://todo.sr.ht/~sircmpwn/koushin/33
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/viewhtml/sanitize.go | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/plugins/viewhtml/sanitize.go b/plugins/viewhtml/sanitize.go index d5c94a7..c7de703 100644 --- a/plugins/viewhtml/sanitize.go +++ b/plugins/viewhtml/sanitize.go @@ -3,6 +3,7 @@ package koushinviewhtml import ( "bytes" "fmt" + "net/url" "regexp" "strings" @@ -73,8 +74,23 @@ type sanitizer struct { msg *koushinbase.IMAPMessage } -func (san *sanitizer) sanitizeResourceURL(src string) string { - return "about:blank" +func (san *sanitizer) sanitizeImageURL(src string) string { + u, err := url.Parse(src) + if err != nil { + return "about:blank" + } + + // TODO: mid support? + if !strings.EqualFold(u.Scheme, "cid") || san.msg == nil { + return "about:blank" + } + + part := san.msg.PartByID(u.Opaque) + if part == nil || !strings.HasPrefix(part.MIMEType, "image/") { + return "about:blank" + } + + return part.URL(true).String() } func (san *sanitizer) sanitizeCSSDecls(decls []*css.Declaration) []*css.Declaration { @@ -114,7 +130,7 @@ func (san *sanitizer) sanitizeNode(n *html.Node) { for i := range n.Attr { attr := &n.Attr[i] if strings.EqualFold(attr.Key, "src") { - attr.Val = san.sanitizeResourceURL(attr.Val) + attr.Val = san.sanitizeImageURL(attr.Val) } } } else if strings.EqualFold(n.Data, "style") { |