6d8e0fae3e
* Tighten allowed HTML in oEmbed-based preview cards
* Sanitize preview cards at render time
* Add `sandbox` attribute to preview card iframes
# frozen_string_literal: true
# Serializes a preview card record for the REST API.
#
# Two attributes are computed here instead of being read straight off the
# record:
#
# * +image+ - absolute URL of the card's original-size image, or nil.
# * +html+  - the card's embed markup, passed through the sanitizer on every
#   serialization so the API never emits the stored value unfiltered.
#
# NOTE(review): the allow-list is Sanitize::Config::MASTODON_OEMBED, which is
# defined outside this file. Presumably the stored markup originates from
# third-party oEmbed responses (going by the config name), so any loosening
# of that config directly widens what API clients receive; review changes to
# it as security-sensitive.
class REST::PreviewCardSerializer < ActiveModel::Serializer
  include RoutingHelper

  # Attribute order is kept as declared; :image and :html are overridden below.
  attributes :url, :title, :description, :language, :type,
             :author_name, :author_url,
             :provider_name, :provider_url,
             :html, :width, :height,
             :image, :embed_url, :blurhash

  # @return [String, nil] full asset URL of the original image, or nil when
  #   the card has no image attached
  def image
    full_asset_url(object.image.url(:original)) if object.image?
  end

  # Sanitizes at render time: the filter runs on each call, so its result
  # does not depend on whatever was filtered (or not) when the card was saved.
  #
  # @return [String] embed markup reduced to what MASTODON_OEMBED permits
  def html
    stored_markup = object.html
    Sanitize.fragment(stored_markup, Sanitize::Config::MASTODON_OEMBED)
  end
end