Move packages + remove circular dependencies

2020-10-23 17:12:38 +02:00
parent ee026ec829
commit 38750a588c
116 changed files with 242 additions and 87 deletions
@@ -0,0 +1,20 @@
+package be.simplenotes.domain.security
+
+import org.owasp.html.HtmlPolicyBuilder
+
+internal object HtmlSanitizer {
+    private val htmlPolicy = HtmlPolicyBuilder()
+        .allowElements("a")
+        .allowCommonBlockElements()
+        .allowCommonInlineFormattingElements()
+        .allowElements("pre")
+        .allowAttributes("class").onElements("code")
+        .allowUrlProtocols("http", "https")
+        .allowAttributes("href").onElements("a")
+        .allowElements("input")
+        .allowAttributes("type", "checked", "disabled", "readonly").onElements("input")
+        .requireRelNofollowOnLinks()
+        .toFactory()!!
+
+    fun sanitize(unsafeHtml: String) = htmlPolicy.sanitize(unsafeHtml)!!
+}