Add sanitizer rules per renderer (#16110)

* Added sanitizer rules per renderer. * Updated documentation. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
author: KN4CK3R <admin@oldschoolhack.me> 2021-06-23 23:09:51 +0200
committer: GitHub <noreply@github.com> 2021-06-23 17:09:51 -0400
commit: c9c7afda1a80bda7b61ded222163db796132b78f (patch)
tree: 2145a5afe7c7a19d450b7def199dc302e1c8d6f2 /modules/markup/csv
parent: eb324a9402878a13029116bafa8ccce527796522 (diff)
download: gitea-c9c7afda1a80bda7b61ded222163db796132b78f.tar.gz
gitea-c9c7afda1a80bda7b61ded222163db796132b78f.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/modules/markup/csv/csv.go b/modules/markup/csv/csv.go
index 6572b0ee1e..8a4df89511 100644
--- a/modules/markup/csv/csv.go
+++ b/modules/markup/csv/csv.go
@@ -10,6 +10,7 @@ import (
 	"html"
 	"io"
 	"io/ioutil"
+	"regexp"
 	"strconv"
 
 	"code.gitea.io/gitea/modules/csv"
@@ -38,6 +39,15 @@ func (Renderer) Extensions() []string {
 	return []string{".csv", ".tsv"}
 }
 
+// SanitizerRules implements markup.Renderer
+func (Renderer) SanitizerRules() []setting.MarkupSanitizerRule {
+	return []setting.MarkupSanitizerRule{
+		{Element: "table", AllowAttr: "class", Regexp: regexp.MustCompile(`data-table`)},
+		{Element: "th", AllowAttr: "class", Regexp: regexp.MustCompile(`line-num`)},
+		{Element: "td", AllowAttr: "class", Regexp: regexp.MustCompile(`line-num`)},
+	}
+}
+
 func writeField(w io.Writer, element, class, field string) error {
 	if _, err := io.WriteString(w, "<"); err != nil {
 		return err
author	KN4CK3R <admin@oldschoolhack.me>	2021-06-23 23:09:51 +0200
committer	GitHub <noreply@github.com>	2021-06-23 17:09:51 -0400
commit	c9c7afda1a80bda7b61ded222163db796132b78f (patch)
tree	2145a5afe7c7a19d450b7def199dc302e1c8d6f2 /modules/markup/csv
parent	eb324a9402878a13029116bafa8ccce527796522 (diff)
download	gitea-c9c7afda1a80bda7b61ded222163db796132b78f.tar.gz gitea-c9c7afda1a80bda7b61ded222163db796132b78f.zip