mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-29 22:01:49 +03:00
983110d931
no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
26 lines
899 B
JavaScript
26 lines
899 B
JavaScript
/* global html_sanitize*/
|
|
import cajaSanitizers from 'ghost-admin/utils/caja-sanitizers';
|
|
import {helper} from '@ember/component/helper';
|
|
import {htmlSafe} from '@ember/string';
|
|
|
|
export default helper(function (params) {
|
|
if (!params || !params.length) {
|
|
return;
|
|
}
|
|
|
|
let escapedhtml = params[0] || '';
|
|
|
|
// replace script and iFrame
|
|
escapedhtml = escapedhtml.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,
|
|
'<pre class="js-embed-placeholder">Embedded JavaScript</pre>');
|
|
escapedhtml = escapedhtml.replace(/<iframe\b[^<]*(?:(?!<\/iframe>)<[^<]*)*<\/iframe>/gi,
|
|
'<pre class="iframe-embed-placeholder">Embedded iFrame</pre>');
|
|
|
|
// sanitize HTML
|
|
/* eslint-disable camelcase */
|
|
escapedhtml = html_sanitize(escapedhtml, cajaSanitizers.url, cajaSanitizers.id);
|
|
/* eslint-enable camelcase */
|
|
|
|
return htmlSafe(escapedhtml);
|
|
});
|