gearheads/mastodon
Archived
2
0
Fork 0
Code Releases 4 Activity
This repository has been archived on 2024-06-09. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
mastodon/app/serializers/rest/preview_card_serializer.rb
Claire c4f2609f7a
Merge pull request from GHSA-ccm4-vgcc-73hp 
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00

18 lines
496 B
Ruby
Raw Blame History

# frozen_string_literal: true
class REST::PreviewCardSerializer < ActiveModel::Serializer
include RoutingHelper
attributes :url, :title, :description, :type,
:author_name, :author_url, :provider_name,
:provider_url, :html, :width, :height,
:image, :embed_url, :blurhash
def image
object.image? ? full_asset_url(object.image.url(:original)) : nil
end
def html
Sanitize.fragment(object.html, Sanitize::Config::MASTODON_OEMBED)
end
end
View git blame Copy permalink