html_sanitizer.rb 1.7 KB

  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  # Facade over the individual HtmlSanitizer::* processors. Each class method
  # builds a fresh processor object and hands the HTML string to its #sanitize.
  #
  # NOTE(review): only .strict is described here as whitelist-based
  # sanitizing; the remaining helpers are described as clean-up or rewriting
  # steps, so presumably they are not meant to make untrusted markup safe on
  # their own - confirm against the processor implementations.
  class HtmlSanitizer
    # Read once, when this class body is evaluated. String#to_i and nil.to_i
    # both yield 0 for a missing or non-numeric value, so such a setting ends
    # up as a zero-second duration; how the processors treat that is not
    # visible in this file - TODO confirm.
    PROCESSING_TIMEOUT = Setting.get('html_sanitizer_processing_timeout').to_i.seconds

    # Placeholder text, frozen after translation lookup via __().
    UNPROCESSABLE_HTML_MSG = __('This message cannot be displayed due to HTML processing issues. Download the raw message below and open it via an Email client if you still wish to view it.').freeze

    # Sanitize an HTML string based on a whitelist.
    #
    #   string = HtmlSanitizer.strict(string, external)
    #
    # string   - HTML to sanitize.
    # external - forwarded as the `external:` keyword (default false).
    # timeout  - forwarded as the `timeout:` keyword (default true);
    #            presumably switches PROCESSING_TIMEOUT enforcement, so
    #            passing false on untrusted input deserves a second look -
    #            confirm in HtmlSanitizer::Strict.
    def self.strict(string, external = false, timeout: true)
      sanitizer = HtmlSanitizer::Strict.new
      sanitizer.sanitize(string, external: external, timeout: timeout)
    end

    # Clean up an HTML string:
    # * remove empty nodes (p, div, span, table)
    # * remove nodes in general (keep content - span)
    #
    #   string = HtmlSanitizer.cleanup(string)
    #
    # timeout - forwarded as the `timeout:` keyword (default true).
    def self.cleanup(string, timeout: true)
      cleaner = HtmlSanitizer::Cleanup.new
      cleaner.sanitize(string, timeout: timeout)
    end

    # Replace inline images with cid images.
    #
    #   string = HtmlSanitizer.replace_inline_images(article.body)
    #
    # prefix - passed through as the second argument; a new
    #          SecureRandom.uuid is generated per call when omitted.
    def self.replace_inline_images(string, prefix = SecureRandom.uuid)
      replacer = HtmlSanitizer::ReplaceInlineImages.new
      replacer.sanitize(string, prefix)
    end

    # Sanitize the style of img tags.
    #
    #   string = HtmlSanitizer.dynamic_image_size(article.body)
    def self.dynamic_image_size(string)
      resizer = HtmlSanitizer::DynamicImageSize.new
      resizer.sanitize(string)
    end

    # Adjust image size in HTML email for MS Outlook so that images always
    # carry `width` and `height` on the tag itself, not only inside `style`.
    #
    #   string = HtmlSanitizer.adjust_inline_image_size(article.body)
    def self.adjust_inline_image_size(string)
      adjuster = HtmlSanitizer::AdjustInlineImageSize.new
      adjuster.sanitize(string)
    end
  end