Plume/plume-models/src/safe_string.rs

225 lines
6.3 KiB
Rust
Raw Normal View History

use ammonia::{Builder, UrlRelative};
use diesel::{
self,
deserialize::Queryable,
serialize::{self, Output},
sql_types::Text,
types::ToSql,
};
use serde::{self, de::Visitor, Deserialize, Deserializer, Serialize, Serializer};
use std::{
borrow::{Borrow, Cow},
fmt::{self, Display},
io::Write,
ops::Deref,
};
lazy_static! {
static ref CLEAN: Builder<'static> = {
let mut b = Builder::new();
2021-01-02 00:13:54 +01:00
b.add_generic_attributes(&["id", "dir"])
.add_tags(&["iframe", "video", "audio", "label", "input"])
.id_prefix(Some("postcontent-"))
.url_relative(UrlRelative::Custom(Box::new(url_add_prefix)))
.add_tag_attributes(
"iframe",
2019-03-20 17:56:17 +01:00
["width", "height", "src", "frameborder"].iter().cloned(),
)
2019-03-20 17:56:17 +01:00
.add_tag_attributes("video", ["src", "title", "controls"].iter())
.add_tag_attributes("audio", ["src", "title", "controls"].iter())
.add_tag_attributes("label", ["for"].iter())
.add_tag_attributes("input", ["type", "checked"].iter())
.add_allowed_classes("input", ["cw-checkbox"].iter())
.add_allowed_classes(
"span",
[
"cw-container",
"cw-text",
//Scope classes for the syntax highlighting.
"attribute-name",
"comment",
"constant",
"control",
"declaration",
"entity",
"function",
"invalid",
"keyword",
"language",
"modifier",
"name",
"numeric",
"operator",
"parameter",
"punctuation",
"source",
"storage",
"string",
"support",
"tag",
"type",
"variable",
]
.iter(),
)
// Related to https://github.com/Plume-org/Plume/issues/637
.add_allowed_classes("sup", ["footnote-reference", "footnote-definition-label"].iter())
.add_allowed_classes("div", ["footnote-definition"].iter())
.attribute_filter(|elem, att, val| match (elem, att) {
("input", "type") => Some("checkbox".into()),
("input", "checked") => Some("checked".into()),
("label", "for") => {
if val.starts_with("postcontent-cw-") {
Some(val.into())
} else {
None
}
}
_ => Some(val.into()),
});
b
};
}
2021-01-15 17:05:42 +01:00
#[allow(clippy::unnecessary_wraps)]
2020-01-21 07:02:03 +01:00
fn url_add_prefix(url: &str) -> Option<Cow<'_, str>> {
if url.starts_with('#') && !url.starts_with("#postcontent-") {
//if start with an #
let mut new_url = "#postcontent-".to_owned(); //change to valid id
new_url.push_str(&url[1..]);
Some(Cow::Owned(new_url))
} else {
Some(Cow::Borrowed(url))
}
}
#[derive(Debug, Clone, PartialEq, AsExpression, FromSqlRow, Default)]
#[sql_type = "Text"]
pub struct SafeString {
value: String,
}
impl SafeString {
pub fn new(value: &str) -> Self {
SafeString {
value: CLEAN.clean(&value).to_string(),
}
}
/// Creates a new `SafeString`, but without escaping the given value.
///
/// Only use when you are sure you can trust the input (when the HTML
/// is entirely generated by Plume, not depending on user-inputed data).
/// Prefer `SafeString::new` as much as possible.
pub fn trusted(value: impl AsRef<str>) -> Self {
SafeString {
2019-03-20 17:56:17 +01:00
value: value.as_ref().to_string(),
}
}
pub fn set(&mut self, value: &str) {
self.value = CLEAN.clean(value).to_string();
}
pub fn get(&self) -> &String {
&self.value
}
}
impl Serialize for SafeString {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
serializer.serialize_str(&self.value)
}
}
struct SafeStringVisitor;
impl<'de> Visitor<'de> for SafeStringVisitor {
type Value = SafeString;
2020-01-21 07:02:03 +01:00
fn expecting(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
formatter.write_str("a string")
}
fn visit_str<E>(self, value: &str) -> Result<SafeString, E>
where
E: serde::de::Error,
{
Ok(SafeString::new(value))
}
}
impl<'de> Deserialize<'de> for SafeString {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
Ok(deserializer.deserialize_string(SafeStringVisitor)?)
}
}
#[cfg(all(feature = "postgres", not(feature = "sqlite")))]
impl Queryable<Text, diesel::pg::Pg> for SafeString {
type Row = String;
fn build(value: Self::Row) -> Self {
SafeString::new(&value)
}
}
2018-09-27 23:06:40 +02:00
#[cfg(all(feature = "sqlite", not(feature = "postgres")))]
2018-09-27 23:06:40 +02:00
impl Queryable<Text, diesel::sqlite::Sqlite> for SafeString {
type Row = String;
fn build(value: Self::Row) -> Self {
SafeString::new(&value)
}
}
impl<DB> ToSql<diesel::sql_types::Text, DB> for SafeString
where
DB: diesel::backend::Backend,
str: ToSql<diesel::sql_types::Text, DB>,
{
2020-01-21 07:02:03 +01:00
fn to_sql<W: Write>(&self, out: &mut Output<'_, W, DB>) -> serialize::Result {
str::to_sql(&self.value, out)
}
}
impl Borrow<str> for SafeString {
fn borrow(&self) -> &str {
&self.value
}
}
impl Display for SafeString {
2020-01-21 07:02:03 +01:00
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "{}", self.value)
}
}
impl Deref for SafeString {
type Target = str;
fn deref(&self) -> &str {
&self.value
}
}
impl AsRef<str> for SafeString {
fn as_ref(&self) -> &str {
&self.value
}
}
use rocket::http::RawStr;
use rocket::request::FromFormValue;
impl<'v> FromFormValue<'v> for SafeString {
type Error = &'v RawStr;
fn from_form_value(form_value: &'v RawStr) -> Result<SafeString, &'v RawStr> {
let val = String::from_form_value(form_value)?;
Ok(SafeString::new(&val))
}
}