mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-12 16:14:25 +03:00
d40f545106
closes #3387 - added placeholder for <script> and <iframe> - added google-caja sanitizer - changed title in posts overview to ‚double-stash‘
29 lines
514 B
JavaScript
29 lines
514 B
JavaScript
/**
|
|
* google-caja uses url() and id() to verify if the values are allowed.
|
|
*/
|
|
var url,
|
|
id;
|
|
|
|
/**
|
|
* Check if URL is allowed
|
|
* URLs are allowed if they start with http://, https://, or /.
|
|
*/
|
|
var url = function (url) {
|
|
url = url.toString().replace(/['"]+/g, '');
|
|
if (/^https?:\/\//.test(url) || /^\//.test(url)) {
|
|
return url;
|
|
}
|
|
};
|
|
|
|
/**
|
|
* Check if ID is allowed
|
|
* All ids are allowed at the moment.
|
|
*/
|
|
var id = function (id) {
|
|
return id;
|
|
};
|
|
|
|
export default {
|
|
url: url,
|
|
id: id
|
|
}; |