From c8e0c813b5af828036d55dbec88cd27cdef772b6 Mon Sep 17 00:00:00 2001 From: Thomas Sileo Date: Thu, 14 Jul 2022 15:16:58 +0200 Subject: [PATCH] Fix inline img support in object --- app/scss/main.scss | 3 +++ app/templates.py | 14 ++++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/app/scss/main.scss b/app/scss/main.scss index 2b1e95c..0b1ede7 100644 --- a/app/scss/main.scss +++ b/app/scss/main.scss @@ -226,6 +226,9 @@ nav.flexbox { margin: 30px 0; } } + img.inline-img { + max-width: 740px; + } } .ap-object-expanded { border: 2px dashed $secondary-color; diff --git a/app/templates.py b/app/templates.py index da2354b..1a98730 100644 --- a/app/templates.py +++ b/app/templates.py @@ -245,11 +245,20 @@ def _allow_class(_tag: str, name: str, value: str) -> bool: return name == "class" and value in ALLOWED_CSS_CLASSES +def _allow_img_attrs(_tag: str, name: str, value: str) -> bool: + if name in ["src", "alt", "title"]: + return True + if name == "class" and value == "inline-img": + return True + + return False + + ALLOWED_ATTRIBUTES: dict[str, list[str] | Callable[[str, str, str], bool]] = { "a": ["href", "title"], "abbr": ["title"], "acronym": ["title"], - "img": ["src", "alt", "title"], + "img": _allow_img_attrs, "div": _allow_class, "span": _allow_class, "code": _allow_class, @@ -267,7 +276,8 @@ def _update_inline_imgs(content): if not img.attrs.get("src"): continue - img.attrs["src"] = _media_proxy_url(img.attrs["src"]) + img.attrs["src"] = _media_proxy_url(img.attrs["src"]) + "/740" + img["class"] = "inline-img" return soup.find("body").decode_contents()