3 files changed, 55 insertions, 1 deletions
diff --git a/format.c b/format.c
index 69efbdb..1c2a97a 100644
--- a/format.c
+++ b/format.c
@@ -150,3 +150,54 @@ d_char *not_really_markdown(char *content, d_char **f_content)
    return *f_content;
 }
+const char *valid_tags[] = {
+    "a", "p", "br", "img", "blockquote", "ul", "li", "span", NULL
+};
+d_char *sanitize(d_char *content)
+/* cleans dangerous HTML output */
+{
+    d_char *s = xs_str_new(NULL);
+    xs *sl;
+    int n = 0;
+    char *p, *v;
+    sl = xs_regex_split(content, "</?[^>]+>");
+    p = sl;
+    while (xs_list_iter(&p, &v)) {
+        if (n & 0x1) {
+            xs *s1  = xs_strip(xs_crop(xs_dup(v), v[1] == '/' ? 2 : 1, -1));
+            xs *l1  = xs_split_n(s1, " ", 1);
+            xs *tag = xs_tolower(xs_dup(xs_list_get(l1, 0)));
+            int i;
+            /* check if it's one of the valid tags */
+            for (i = 0; valid_tags[i]; i++) {
+                if (strcmp(tag, valid_tags[i]) == 0)
+                    break;
+            }
+            if (valid_tags[i]) {
+                /* accepted tag */
+                s = xs_str_cat(s, v);
+            }
+            else {
+                /* bad tag */
+                xs *s2 = xs_replace(v, "<", "&lt;");
+                s = xs_str_cat(s, s2);
+            }
+        }
+        else {
+            /* non-tag */
+            s = xs_str_cat(s, v);
+        }
+        n++;
+    }
+    return s;
+}
diff --git a/html.c b/html.c
index 7fd1294..43638d5 100644
--- a/html.c
+++ b/html.c
@@ -600,8 +600,9 @@ d_char *html_entry(snac *snac, d_char *os, char *msg, xs_set *seen, int local, i
            }
        }
+        xs *sc = sanitize(c);
-        s = xs_str_cat(s, c);
+        s = xs_str_cat(s, sc);
    }
    s = xs_str_cat(s, "\n");
diff --git a/snac.h b/snac.h
index f11dcc4..7a3a5f3 100644
--- a/snac.h
+++ b/snac.h
@@ -134,6 +134,8 @@ int activitypub_post_handler(d_char *req, char *q_path,
                             char **body, int *b_size, char **ctype);
 d_char *not_really_markdown(char *content, d_char **f_content);
+d_char *sanitize(d_char *str);
 int html_get_handler(d_char *req, char *q_path, char **body, int *b_size, char **ctype);
 int html_post_handler(d_char *req, char *q_path, d_char *payload, int p_size,
                      char **body, int *b_size, char **ctype);

diff --git a/format.c b/format.c index 69efbdb..1c2a97a 100644 --- a/format.c +++ b/format.c
@@ -150,3 +150,54 @@ d_char not_really_markdown(char content, d_char **f_content)
150		150
151	return *f_content;	151	return *f_content;
152	}	152	}
		153
		154
		155	const char *valid_tags[] = {
		156	"a", "p", "br", "img", "blockquote", "ul", "li", "span", NULL
		157	};
		158
		159	d_char sanitize(d_char content)
		160	/* cleans dangerous HTML output */
		161	{
		162	d_char *s = xs_str_new(NULL);
		163	xs *sl;
		164	int n = 0;
		165	char p, v;
		166
		167	sl = xs_regex_split(content, "</?[^>]+>");
		168
		169	p = sl;
		170
		171	while (xs_list_iter(&p, &v)) {
		172	if (n & 0x1) {
		173	xs *s1 = xs_strip(xs_crop(xs_dup(v), v[1] == '/' ? 2 : 1, -1));
		174	xs *l1 = xs_split_n(s1, " ", 1);
		175	xs *tag = xs_tolower(xs_dup(xs_list_get(l1, 0)));
		176	int i;
		177
		178	/* check if it's one of the valid tags */
		179	for (i = 0; valid_tags[i]; i++) {
		180	if (strcmp(tag, valid_tags[i]) == 0)
		181	break;
		182	}
		183
		184	if (valid_tags[i]) {
		185	/* accepted tag */
		186	s = xs_str_cat(s, v);
		187	}
		188	else {
		189	/* bad tag */
		190	xs *s2 = xs_replace(v, "<", "<");
		191	s = xs_str_cat(s, s2);
		192	}
		193	}
		194	else {
		195	/* non-tag */
		196	s = xs_str_cat(s, v);
		197	}
		198
		199	n++;
		200	}
		201
		202	return s;
		203	}


diff --git a/html.c b/html.c index 7fd1294..43638d5 100644 --- a/html.c +++ b/html.c
@@ -600,8 +600,9 @@ d_char html_entry(snac snac, d_char os, char msg, xs_set *seen, int local, i
600	}	600	}
601	}	601	}
602		602
		603	xs *sc = sanitize(c);
603		604
604	s = xs_str_cat(s, c);	605	s = xs_str_cat(s, sc);
605	}	606	}
606		607
607	s = xs_str_cat(s, "\n");	608	s = xs_str_cat(s, "\n");


diff --git a/snac.h b/snac.h index f11dcc4..7a3a5f3 100644 --- a/snac.h +++ b/snac.h
@@ -134,6 +134,8 @@ int activitypub_post_handler(d_char req, char q_path,
134	char *body, int b_size, char **ctype);	134	char *body, int b_size, char **ctype);
135		135
136	d_char not_really_markdown(char content, d_char **f_content);	136	d_char not_really_markdown(char content, d_char **f_content);
		137	d_char sanitize(d_char str);
		138
137	int html_get_handler(d_char req, char q_path, char *body, int b_size, char **ctype);	139	int html_get_handler(d_char req, char q_path, char *body, int b_size, char **ctype);
138	int html_post_handler(d_char req, char q_path, d_char *payload, int p_size,	140	int html_post_handler(d_char req, char q_path, d_char *payload, int p_size,
139	char *body, int b_size, char **ctype);	141	char *body, int b_size, char **ctype);