Mathis-ZMrSerth
authored and committed
Sanitizing exported html in LOM object description
1 parent 3e1d596 commit 5a2bd24

3 files changed

+213
-1
lines changed

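--- a/app/services/lom_service/export_lom.rb
+++ b/app/services/lom_service/export_lom.rb
@@ -38,7 +38,9 @@ def oml_general(xml)
 end
 xml.language @task.iso639_lang
 xml.description do
-xml.string ApplicationController.helpers.render_markdown(@task.description), language: @task.iso639_lang
+html_fragment = Loofah.fragment(ApplicationController.helpers.render_markdown(@task.description))
+html_fragment.scrub!(NbpScrubber.new)
+xml.string html_fragment.to_s, language: @task.iso639_lang
 end
 if @task.programming_language&.language.present?
 xml.keyword do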
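Review bot: `Loofah.fragment` on new line 41 parses the rendered markdown with Nokogiri's HTML4 (libxml2) parser, while whatever renders the exported description will re-parse the serialized string with an HTML5 parser, and that parser differential is the classic source of mutation-XSS bypasses in Loofah-based sanitizers. If the installed Loofah/Nokogiri supports it, prefer `Loofah.html5_fragment(...)`, or route through `Rails::HTML5::SafeListSanitizer.new.sanitize(html, scrubber: NbpScrubber.new)`, which also handles nil/empty input and re-encodes the result as UTF-8, so the sanitizer and the consumer agree on the tree. It is also worth recording that the allow list alone does not make `href`/`src`/`action`/`style` values safe; that relies on PermitScrubber's built-in URI-protocol and CSS scrubbing, so add a comment such as `# PermitScrubber also protocol-scrubs href/src/action and sanitizes style values; the YAML allow list only controls which names survive`. `oml_general` starts and ends outside this hunk.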
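--- /dev/null
+++ b/app/services/lom_service/nbp_scrubber.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module LomService
+class NbpScrubber < Rails::HTML::PermitScrubber
+ALLOW_LIST = YAML.safe_load_file(Rails.root.join('app/services/lom_service/nbp_scrubber_allow_list.yml'))
+
+def initialize
+super
+self.tags = ALLOW_LIST['tags']
+self.attributes = ALLOW_LIST['attributes']
+end
+end
+end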
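Review bot: `ALLOW_LIST['tags']` and `ALLOW_LIST['attributes']` on lines 9–10 return nil when the YAML key is missing or misspelled, and `PermitScrubber` treats a nil `tags`/`attributes` as "fall back to Loofah's default safelist", so a broken allow-list file would silently change what this scrubber permits instead of failing at boot. Use `self.tags = Set.new(ALLOW_LIST.fetch('tags'))` and `self.attributes = Set.new(ALLOW_LIST.fetch('attributes'))` so a malformed file raises `KeyError` when the class loads, and membership checks (`allowed_node?` / `scrub_attribute?` do `include?` on whatever you pass) stop being a linear scan over ~100 entries per node. The `Rails::HTML::PermitScrubber` constant presumably requires a rails-html-sanitizer that exposes the `Rails::HTML` namespace; confirm against the Gemfile.lock. A one-line class comment would also help: `# Allow-list scrubber for HTML embedded in exported LOM descriptions; names come from nbp_scrubber_allow_list.yml`.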
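--- /dev/null
+++ b/app/services/lom_service/nbp_scrubber_allow_list.yml
@@ -0,0 +1,197 @@
+---
+tags:
+- a
+- abbr
+- acronym
+- address
+- area
+- article
+- aside
+- b
+- bdi
+- big
+- blockquote
+- body
+- br
+- button
+- caption
+- center
+- cite
+- code
+- col
+- colgroup
+- data
+- datalist
+- dd
+- del
+- details
+- dfn
+- dir
+- div
+- dl
+- dt
+- em
+- fieldset
+- figcaption
+- figure
+- font
+- footer
+- form
+- h1
+- h2
+- h3
+- h4
+- h5
+- h6
+- head
+- header
+- hr
+- html
+- i
+- img
+- input
+- ins
+- kbd
+- keygen
+- label
+- legend
+- li
+- main
+- map
+- mark
+- menu
+- menuitem
+- meter
+- nav
+- ol
+- optgroup
+- option
+- output
+- p
+- pre
+- progress
+- q
+- rp
+- rt
+- ruby
+- s
+- samp
+- section
+- select
+- small
+- span
+- strike
+- strong
+- sub
+- summary
+- sup
+- table
+- tbody
+- td
+- textarea
+- tfoot
+- th
+- thead
+- time
+- tr
+- tt
+- u
+- ul
+- var
+- wbr
+attributes:
+- abbr
+- accept-charset
+- accept
+- accesskey
+- action
+- align
+- alt
+- autocomplete
+- autosave
+- axis
+- bgcolor
+- border
+- cellpadding
+- cellspacing
+- challenge
+- char
+- charoff
+- charset
+- checked
+- cite
+- clear
+- color
+- cols
+- colspan
+- compact
+- contenteditable
+- coords
+- datetime
+- dir
+- disabled
+- draggable
+- dropzone
+- enctype
+- for
+- frame
+- headers
+- height
+- high
+- href
+- hreflang
+- hspace
+- ismap
+- keytype
+- label
+- lang
+- list
+- longdesc
+- low
+- max
+- maxlength
+- media
+- method
+- min
+- multiple
+- name
+- nohref
+- noshade
+- novalidate
+- nowrap
+- open
+- optimum
+- pattern
+- placeholder
+- prompt
+- pubdate
+- radiogroup
+- readonly
+- rel
+- required
+- rev
+- reversed
+- rows
+- rowspan
+- rules
+- scope
+- selected
+- shape
+- size
+- span
+- spellcheck
+- src
+- start
+- step
+- style
+- summary
+- tabindex
+- target
+- title
+- type
+- usemap
+- valign
+- value
+- vspace
+- width
+- wrap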
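Review bot: The list keeps `form`, `input`, `button`, `select`, `textarea` and `keygen` together with `action`, `method`, `enctype` and `name`, so a task description can still carry a fully working submit form in whatever platform renders the exported LOM (credential phishing, and DOM clobbering of the host page via `name` on `form`/`img` if the fragment is rendered inline); PermitScrubber drops unlisted names and protocol-scrubs URI attributes but does nothing about that. `style` survives too, and even after Loofah's CSS scrubbing it permits `position`/`z-index` overlays over the consumer's UI, while `html`/`head`/`body`, `contenteditable`, `draggable`, `dropzone`, `autosave`, `challenge`/`keytype` and `spellcheck` have no purpose in a rendered description fragment. Unless the NBP consumer is known to need them, drop the form-related tags and attributes, `name`, `style` and the legacy entries, and state the list's origin and intent at the top of the file, e.g. `# HTML allowed to survive in exported LOM descriptions; review with the NBP consumer before widening.`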

0 commit comments

Comments
 (0)