"@types/lodash-es": "^4.17.0",
"@types/markdown-it": "^0.0.4",
"@types/node": "^8.0.33",
+ "@types/sanitize-html": "^1.14.0",
"@types/video.js": "6.2.0",
"@types/webtorrent": "^0.98.4",
"angular2-notifications": "^0.9.6",
"raw-loader": "^0.5.1",
"resolve-url-loader": "^2.0.0",
"rxjs": "^5.4.2",
+ "sanitize-html": "^1.16.3",
"sass-loader": "^6.0.3",
"sass-resources-loader": "^1.2.1",
"standard": "^10.0.0",
<a target="_blank" [href]="comment.account.url" class="comment-account">{{ comment.by }}</a>
<div class="comment-date">{{ comment.createdAt | myFromNow }}</div>
</div>
- <div>{{ comment.text }}</div>
+ <div class="comment-html" [innerHTML]="sanitizedCommentHTML"></div>
<div class="comment-actions">
<div *ngIf="isUserLoggedIn()" (click)="onWantToReply()" class="comment-action-reply">Reply</div>
}
}
+ .comment-html {
+ a {
+ @include disable-default-a-behaviour;
+
+ color: #000;
+ }
+ }
+
.comment-actions {
margin: 10px 0;
display: flex;
-import { Component, EventEmitter, Input, Output } from '@angular/core'
+import { Component, EventEmitter, Input, OnInit, Output } from '@angular/core'
+import * as sanitizeHtml from 'sanitize-html'
import { Account as AccountInterface } from '../../../../../../shared/models/actors'
import { UserRight } from '../../../../../../shared/models/users'
import { VideoCommentThreadTree } from '../../../../../../shared/models/videos/video-comment.model'
templateUrl: './video-comment.component.html',
styleUrls: ['./video-comment.component.scss']
})
-export class VideoCommentComponent {
+export class VideoCommentComponent implements OnInit {
@Input() video: Video
@Input() comment: VideoComment
@Input() commentTree: VideoCommentThreadTree
@Output() threadCreated = new EventEmitter<VideoCommentThreadTree>()
@Output() resetReply = new EventEmitter()
+ sanitizedCommentHTML = ''
+
constructor (private authService: AuthService) {}
get user () {
return this.authService.getUser()
}
+ ngOnInit () {
+ this.sanitizedCommentHTML = sanitizeHtml(this.comment.text, {
+ allowedTags: [ 'p', 'span' ]
+ })
+ }
+
onCommentReplyCreated (createdComment: VideoComment) {
if (!this.commentTree) {
this.commentTree = {
"@types/node" "*"
"@types/parse-torrent-file" "*"
+"@types/sanitize-html@^1.14.0":
+ version "1.14.0"
+ resolved "https://registry.yarnpkg.com/@types/sanitize-html/-/sanitize-html-1.14.0.tgz#9a03ec58306e24feaa3fbdb8ab593934d53ecb05"
+
"@types/simple-peer@*":
version "6.1.4"
resolved "https://registry.yarnpkg.com/@types/simple-peer/-/simple-peer-6.1.4.tgz#1d1384e1d8dc17b9e7d1673d704febe91ca48191"
dependencies:
array-uniq "^1.0.1"
-array-uniq@^1.0.1:
+array-uniq@^1.0.1, array-uniq@^1.0.2:
version "1.0.3"
resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6"
version "1.1.7"
resolved "https://registry.yarnpkg.com/domain-browser/-/domain-browser-1.1.7.tgz#867aa4b093faa05f1de08c06f4d7b21fdf8698bc"
-domelementtype@1:
+domelementtype@1, domelementtype@^1.3.0:
version "1.3.0"
resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.3.0.tgz#b17aed82e8ab59e52dd9c19b1756e0fc187204c2"
dependencies:
domelementtype "1"
+domhandler@^2.3.0:
+ version "2.4.1"
+ resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-2.4.1.tgz#892e47000a99be55bbf3774ffea0561d8879c259"
+ dependencies:
+ domelementtype "1"
+
domutils@1.1:
version "1.1.6"
resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.1.6.tgz#bddc3de099b9a2efacc51c623f28f416ecc57485"
dom-serializer "0"
domelementtype "1"
+domutils@^1.5.1:
+ version "1.6.2"
+ resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.6.2.tgz#1958cc0b4c9426e9ed367fb1c8e854891b0fa3ff"
+ dependencies:
+ dom-serializer "0"
+ domelementtype "1"
+
duplexer@^0.1.1:
version "0.1.1"
resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1"
object-assign "^4.0.1"
tapable "^0.2.7"
-entities@~1.1.1:
+entities@^1.1.1, entities@~1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/entities/-/entities-1.1.1.tgz#6e5c2d0a5621b5dadaecef80b90edfb5cd7772f0"
pretty-error "^2.0.2"
toposort "^1.0.0"
+htmlparser2@^3.9.0:
+ version "3.9.2"
+ resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.9.2.tgz#1bdf87acca0f3f9e53fa4fcceb0f4b4cbb00b338"
+ dependencies:
+ domelementtype "^1.3.0"
+ domhandler "^2.3.0"
+ domutils "^1.5.1"
+ entities "^1.1.1"
+ inherits "^2.0.1"
+ readable-stream "^2.0.2"
+
htmlparser2@~3.3.0:
version "3.3.0"
resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.3.0.tgz#cc70d05a59f6542e43f0e685c982e14c924a9efe"
version "4.2.0"
resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c"
+lodash.escaperegexp@^4.1.2:
+ version "4.1.2"
+ resolved "https://registry.yarnpkg.com/lodash.escaperegexp/-/lodash.escaperegexp-4.1.2.tgz#64762c48618082518ac3df4ccf5d5886dae20347"
+
lodash.isarguments@^3.0.0:
version "3.1.0"
resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a"
source-map "^0.6.1"
supports-color "^4.4.0"
+postcss@^6.0.14:
+ version "6.0.15"
+ resolved "https://registry.yarnpkg.com/postcss/-/postcss-6.0.15.tgz#f460cd6269fede0d1bf6defff0b934a9845d974d"
+ dependencies:
+ chalk "^2.3.0"
+ source-map "^0.6.1"
+ supports-color "^5.1.0"
+
prebuild-install@~2.3.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/prebuild-install/-/prebuild-install-2.3.0.tgz#19481247df728b854ab57b187ce234211311b485"
dependencies:
rust-result "^1.0.0"
+sanitize-html@^1.16.3:
+ version "1.16.3"
+ resolved "https://registry.yarnpkg.com/sanitize-html/-/sanitize-html-1.16.3.tgz#96c1b44a36ff7312e1c22a14b05274370ac8bd56"
+ dependencies:
+ htmlparser2 "^3.9.0"
+ lodash.clonedeep "^4.5.0"
+ lodash.escaperegexp "^4.1.2"
+ lodash.mergewith "^4.6.0"
+ postcss "^6.0.14"
+ srcset "^1.0.0"
+ xtend "^4.0.0"
+
sass-graph@^2.2.4:
version "2.2.4"
resolved "https://registry.yarnpkg.com/sass-graph/-/sass-graph-2.2.4.tgz#13fbd63cd1caf0908b9fd93476ad43a51d1e0b49"
version "1.0.3"
resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c"
+srcset@^1.0.0:
+ version "1.0.0"
+ resolved "https://registry.yarnpkg.com/srcset/-/srcset-1.0.0.tgz#a5669de12b42f3b1d5e83ed03c71046fc48f41ef"
+ dependencies:
+ array-uniq "^1.0.2"
+ number-is-nan "^1.0.0"
+
sshpk@^1.7.0:
version "1.13.1"
resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3"
dependencies:
has-flag "^2.0.0"
+supports-color@^5.1.0:
+ version "5.1.0"
+ resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-5.1.0.tgz#058a021d1b619f7ddf3980d712ea3590ce7de3d5"
+ dependencies:
+ has-flag "^2.0.0"
+
svgo@^0.7.0:
version "0.7.2"
resolved "https://registry.yarnpkg.com/svgo/-/svgo-0.7.2.tgz#9f5772413952135c6fefbf40afe6a4faa88b4bb5"
enabled: true
transcoding:
- enabled: true
+ enabled: false
threads: 4
"request": "^2.81.0",
"rimraf": "^2.5.4",
"safe-buffer": "^5.0.1",
- "sanitize-html": "^1.16.3",
"scripty": "^1.5.0",
"sequelize": "4.25.2",
"sequelize-typescript": "^0.6.1",
"@types/node": "^8.0.3",
"@types/pem": "^1.9.3",
"@types/request": "^2.0.3",
- "@types/sanitize-html": "^1.14.0",
"@types/sequelize": "^4.0.55",
"@types/sharp": "^0.17.6",
"@types/supertest": "^2.0.3",
import * as validator from 'validator'
import { exists, isDateValid } from '../misc'
import { isActivityPubUrlValid, isBaseActivityValid } from './misc'
-import * as sanitizeHtml from 'sanitize-html'
function isVideoCommentCreateActivityValid (activity: any) {
return isBaseActivityValid(activity, 'Create') &&
function isVideoCommentObjectValid (comment: any) {
return comment.type === 'Note' &&
isActivityPubUrlValid(comment.id) &&
- sanitizeCommentHTML(comment) &&
isCommentContentValid(comment.content) &&
isActivityPubUrlValid(comment.inReplyTo) &&
isDateValid(comment.published) &&
// ---------------------------------------------------------------------------
-function sanitizeCommentHTML (comment: any) {
- return sanitizeHtml(comment.content, {
- allowedTags: [ 'b', 'i', 'em', 'span', 'a' ],
- allowedAttributes: {
- 'a': [ 'href' ]
- }
- })
-}
-
function isCommentContentValid (content: any) {
return exists(content) && validator.isLength('' + content, { min: 1 })
}
async function processDeleteActivity (activity: ActivityDelete) {
const actor = await getOrCreateActorAndServerAndModel(activity.actor)
+ const objectUrl = typeof activity.object === 'string' ? activity.object : activity.object.id
- if (actor.url === activity.object) {
+ if (actor.url === objectUrl) {
if (actor.type === 'Person') {
if (!actor.Account) throw new Error('Actor ' + actor.url + ' is a person but we cannot find it in database.')
}
{
- const videoCommentInstance = await VideoCommentModel.loadByUrlAndPopulateAccount(activity.object)
+ const videoCommentInstance = await VideoCommentModel.loadByUrlAndPopulateAccount(objectUrl)
if (videoCommentInstance) {
return processDeleteVideoComment(actor, videoCommentInstance)
}
}
{
- const videoInstance = await VideoModel.loadByUrlAndPopulateAccount(activity.object)
+ const videoInstance = await VideoModel.loadByUrlAndPopulateAccount(objectUrl)
if (videoInstance) {
return processDeleteVideo(actor, videoInstance)
}
export interface ActivityDelete extends BaseActivity {
type: 'Delete'
- object: string
+ object: string | { id: string }
}
export interface ActivityFollow extends BaseActivity {
"@types/form-data" "*"
"@types/node" "*"
-"@types/sanitize-html@^1.14.0":
- version "1.14.0"
- resolved "https://registry.yarnpkg.com/@types/sanitize-html/-/sanitize-html-1.14.0.tgz#9a03ec58306e24feaa3fbdb8ab593934d53ecb05"
-
"@types/sequelize@4.0.79", "@types/sequelize@^4.0.55":
version "4.0.79"
resolved "https://registry.yarnpkg.com/@types/sequelize/-/sequelize-4.0.79.tgz#74c366407a978e493e70d7cea3d80c681aed15c0"
dependencies:
array-uniq "^1.0.1"
-array-uniq@^1.0.1, array-uniq@^1.0.2:
+array-uniq@^1.0.1:
version "1.0.3"
resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6"
strip-ansi "^3.0.0"
supports-color "^2.0.0"
-chalk@^2.0.0, chalk@^2.0.1, chalk@^2.1.0, chalk@^2.3.0:
+chalk@^2.0.0, chalk@^2.0.1, chalk@^2.1.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.3.0.tgz#b5ea48efc9c1793dccc9b4767c93914d3f2d52ba"
dependencies:
dependencies:
esutils "^2.0.2"
-dom-serializer@0:
- version "0.1.0"
- resolved "https://registry.yarnpkg.com/dom-serializer/-/dom-serializer-0.1.0.tgz#073c697546ce0780ce23be4a28e293e40bc30c82"
- dependencies:
- domelementtype "~1.1.1"
- entities "~1.1.1"
-
-domelementtype@1, domelementtype@^1.3.0:
- version "1.3.0"
- resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.3.0.tgz#b17aed82e8ab59e52dd9c19b1756e0fc187204c2"
-
-domelementtype@~1.1.1:
- version "1.1.3"
- resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.1.3.tgz#bd28773e2642881aec51544924299c5cd822185b"
-
-domhandler@^2.3.0:
- version "2.4.1"
- resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-2.4.1.tgz#892e47000a99be55bbf3774ffea0561d8879c259"
- dependencies:
- domelementtype "1"
-
-domutils@^1.5.1:
- version "1.6.2"
- resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.6.2.tgz#1958cc0b4c9426e9ed367fb1c8e854891b0fa3ff"
- dependencies:
- dom-serializer "0"
- domelementtype "1"
-
dot-prop@^4.1.0:
version "4.2.0"
resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.0.tgz#1f19e0c2e1aa0e32797c49799f2837ac6af69c57"
dependencies:
once "^1.4.0"
-entities@^1.1.1, entities@~1.1.1:
- version "1.1.1"
- resolved "https://registry.yarnpkg.com/entities/-/entities-1.1.1.tgz#6e5c2d0a5621b5dadaecef80b90edfb5cd7772f0"
-
error-ex@^1.2.0:
version "1.3.1"
resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.1.tgz#f855a86ce61adc4e8621c3cda21e7a7612c3a8dc"
dependencies:
parse-passwd "^1.0.0"
-htmlparser2@^3.9.0:
- version "3.9.2"
- resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.9.2.tgz#1bdf87acca0f3f9e53fa4fcceb0f4b4cbb00b338"
- dependencies:
- domelementtype "^1.3.0"
- domhandler "^2.3.0"
- domutils "^1.5.1"
- entities "^1.1.1"
- inherits "^2.0.1"
- readable-stream "^2.0.2"
-
http-errors@1.6.2, http-errors@~1.6.2:
version "1.6.2"
resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.2.tgz#0a002cc85707192a7e7946ceedc11155f60ec736"
lodash._createassigner "^3.0.0"
lodash.keys "^3.0.0"
-lodash.clonedeep@^4.5.0:
- version "4.5.0"
- resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef"
-
lodash.cond@^4.3.0:
version "4.5.2"
resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5"
lodash.assign "^3.0.0"
lodash.restparam "^3.0.0"
-lodash.escaperegexp@^4.1.2:
- version "4.1.2"
- resolved "https://registry.yarnpkg.com/lodash.escaperegexp/-/lodash.escaperegexp-4.1.2.tgz#64762c48618082518ac3df4ccf5d5886dae20347"
-
lodash.isarguments@^3.0.0:
version "3.1.0"
resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a"
lodash.isarguments "^3.0.0"
lodash.isarray "^3.0.0"
-lodash.mergewith@^4.6.0:
- version "4.6.0"
- resolved "https://registry.yarnpkg.com/lodash.mergewith/-/lodash.mergewith-4.6.0.tgz#150cf0a16791f5903b8891eab154609274bdea55"
-
lodash.restparam@^3.0.0:
version "3.6.1"
resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805"
version "1.2.1"
resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45"
-postcss@^6.0.14:
- version "6.0.14"
- resolved "https://registry.yarnpkg.com/postcss/-/postcss-6.0.14.tgz#5534c72114739e75d0afcf017db853099f562885"
- dependencies:
- chalk "^2.3.0"
- source-map "^0.6.1"
- supports-color "^4.4.0"
-
postgres-array@~1.0.0:
version "1.0.2"
resolved "https://registry.yarnpkg.com/postgres-array/-/postgres-array-1.0.2.tgz#8e0b32eb03bf77a5c0a7851e0441c169a256a238"
version "5.1.1"
resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853"
-sanitize-html@^1.16.3:
- version "1.16.3"
- resolved "https://registry.yarnpkg.com/sanitize-html/-/sanitize-html-1.16.3.tgz#96c1b44a36ff7312e1c22a14b05274370ac8bd56"
- dependencies:
- htmlparser2 "^3.9.0"
- lodash.clonedeep "^4.5.0"
- lodash.escaperegexp "^4.1.2"
- lodash.mergewith "^4.6.0"
- postcss "^6.0.14"
- srcset "^1.0.0"
- xtend "^4.0.0"
-
scripty@^1.5.0:
version "1.7.2"
resolved "https://registry.yarnpkg.com/scripty/-/scripty-1.7.2.tgz#92367b724cb77b086729691f7b01aa57f3ddd356"
version "0.5.7"
resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
-source-map@^0.6.0, source-map@^0.6.1:
+source-map@^0.6.0:
version "0.6.1"
resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
version "1.0.3"
resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c"
-srcset@^1.0.0:
- version "1.0.0"
- resolved "https://registry.yarnpkg.com/srcset/-/srcset-1.0.0.tgz#a5669de12b42f3b1d5e83ed03c71046fc48f41ef"
- dependencies:
- array-uniq "^1.0.2"
- number-is-nan "^1.0.0"
-
sshpk@^1.7.0:
version "1.13.1"
resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3"
dependencies:
has-flag "^1.0.0"
-supports-color@^4.0.0, supports-color@^4.4.0:
+supports-color@^4.0.0:
version "4.5.0"
resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-4.5.0.tgz#be7a0de484dec5c5cddf8b3d59125044912f635b"
dependencies:
projects / oweals / peertube.git / commitdiff