plugins/base/sanitize_html.go


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

package koushinbase

import (
	"github.com/microcosm-cc/bluemonday"
)

func sanitizeHTML(b []byte) []byte {
	p := bluemonday.UGCPolicy()

	// TODO: be more strict
	p.AllowElements("style")
	p.AllowAttrs("style")

	p.AddTargetBlankToFullyQualifiedLinks(true)
	p.RequireNoFollowOnLinks(true)

	return p.SanitizeBytes(b)
}