KevaChat/webapp
1
0
Fork 0
mirror of https://github.com/kevachat/webapp.git synced 2025-01-10 14:58:02 +00:00
Code Issues Projects Releases Wiki Activity

replace common markdown filter with limited html version to prevent users deanon by remote images request

Browse Source
This commit is contained in:
ghost 2023-12-08 03:40:02 +02:00
parent 2327cc7d0a
commit 2d2e79cd07
3 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@ -19,7 +19,7 @@ APP_ENV=dev
APP_SECRET=EDIT_ME
###< symfony/framework-bundle ###
APP_VERSION=1.2.0
APP_VERSION=1.2.1
APP_NAME=KevaChat

36
src/Twig/AppExtension.php
View File

@ -52,6 +52,20 @@ class AppExtension extends AbstractExtension
'mentionToMarkdown'
]
),
new TwigFilter(
'url_to_html',
[
$this,
'urlToHtml'
]
),
new TwigFilter(
'mention_to_html',
[
$this,
'mentionToHtml'
]
),
new TwigFilter(
'keva_namespace_value',
[
@ -170,6 +184,28 @@ class AppExtension extends AbstractExtension
);
}
public function urlToHtml(
string $text
): string
{
return preg_replace(
'~(https?://(?:www\.)?[^\(\s\)]+)~i',
'<a href="$1">$1</a>',
$text
);
}
public function mentionToHtml(
string $text
): string
{
return preg_replace(
'~@([A-z0-9]{64})~i',
'<a href="#$1">@$1</a>',
$text
);
}
private function plural(int $number, array $texts)
{
$cases = [2, 0, 1, 1, 1, 2];

5
templates/default/room/index.html.twig
View File

@ -34,8 +34,13 @@
</svg>
</span>
{% endif %}
{# markdown filter enabled could deanon chat users by external image request, disabled
<br />
{{ post.message | message_to_markdown | markdown_to_html }}
#}
<p>
{{ post.message | trim | nl2br | url_to_html | mention_to_html }}
</p>
</li>
{% endfor %}
</ul>