alps/plugins/base/sanitize_html.go

package koushinbase

import (
	"github.com/microcosm-cc/bluemonday"
)

func sanitizeHTML(b string) string {
	p := bluemonday.UGCPolicy()

	// TODO: be more strict
	p.AllowElements("style")
	p.AllowAttrs("style")

	p.AddTargetBlankToFullyQualifiedLinks(true)
	p.RequireNoFollowOnLinks(true)

	return p.Sanitize(b)
}
Extract HTML sanitizer to its own file 2020-01-08 13:25:46 +00:00			`package koushinbase`

			`import (`
			`"github.com/microcosm-cc/bluemonday"`
			`)`

			`func sanitizeHTML(b string) string {`
			`p := bluemonday.UGCPolicy()`

			`// TODO: be more strict`
			`p.AllowElements("style")`
			`p.AllowAttrs("style")`

			`p.AddTargetBlankToFullyQualifiedLinks(true)`
			`p.RequireNoFollowOnLinks(true)`

			`return p.Sanitize(b)`
			`}`