2020-05-18 16:51:46 +02:00
|
|
|
// To use comlink under ES5
|
|
|
|
import "proxy-polyfill";
|
|
|
|
import { expose } from "comlink";
|
2019-08-24 21:48:57 +02:00
|
|
|
import marked from "marked";
|
|
|
|
// @ts-ignore
|
|
|
|
import filterXSS from "xss";
|
|
|
|
|
2019-09-09 08:47:28 +02:00
|
|
|
interface WhiteList {
|
|
|
|
[tag: string]: string[];
|
|
|
|
}
|
2019-09-07 02:36:28 +02:00
|
|
|
|
2019-09-09 08:47:28 +02:00
|
|
|
let whiteListNormal: WhiteList | undefined;
|
|
|
|
let whiteListSvg: WhiteList | undefined;
|
2019-09-07 02:36:28 +02:00
|
|
|
|
2020-05-18 16:51:46 +02:00
|
|
|
const renderMarkdown = (
|
2019-09-07 02:36:28 +02:00
|
|
|
content: string,
|
|
|
|
markedOptions: object,
|
|
|
|
hassOptions: {
|
|
|
|
// Do not allow SVG on untrusted content, it allows XSS.
|
|
|
|
allowSvg?: boolean;
|
|
|
|
} = {}
|
2020-05-18 16:51:46 +02:00
|
|
|
): string => {
|
2019-09-09 08:47:28 +02:00
|
|
|
if (!whiteListNormal) {
|
|
|
|
whiteListNormal = {
|
|
|
|
...filterXSS.whiteList,
|
|
|
|
"ha-icon": ["icon"],
|
2020-05-08 13:10:24 +02:00
|
|
|
"ha-svg-icon": ["path"],
|
2019-09-09 08:47:28 +02:00
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
let whiteList: WhiteList | undefined;
|
|
|
|
|
|
|
|
if (hassOptions.allowSvg) {
|
|
|
|
if (!whiteListSvg) {
|
|
|
|
whiteListSvg = {
|
|
|
|
...whiteListNormal,
|
|
|
|
svg: ["xmlns", "height", "width"],
|
|
|
|
path: ["transform", "stroke", "d"],
|
2020-04-22 11:51:50 +02:00
|
|
|
img: ["src"],
|
2019-09-09 08:47:28 +02:00
|
|
|
};
|
|
|
|
}
|
|
|
|
whiteList = whiteListSvg;
|
|
|
|
} else {
|
|
|
|
whiteList = whiteListNormal;
|
|
|
|
}
|
|
|
|
|
|
|
|
return filterXSS(marked(content, markedOptions), {
|
|
|
|
whiteList,
|
2019-08-24 21:48:57 +02:00
|
|
|
});
|
2019-09-09 08:47:28 +02:00
|
|
|
};
|
2020-05-18 16:51:46 +02:00
|
|
|
|
2020-05-23 08:05:47 +02:00
|
|
|
const api = {
|
2020-05-18 16:51:46 +02:00
|
|
|
renderMarkdown,
|
|
|
|
};
|
|
|
|
|
2020-05-23 08:05:47 +02:00
|
|
|
export type api = typeof api;
|
|
|
|
|
2020-05-18 16:51:46 +02:00
|
|
|
expose(api);
|