Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Maintenance: Improved HTML sanitization timeout handling.

Browse source
This commit is contained in:
Thorsten Eckel 2019-08-16 15:15:07 +02:00
parent b0a806e886
commit 6a5c5a3e2a
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/html_sanitizer.rb
View file

@ -1,6 +1,6 @@
class HtmlSanitizer class HtmlSanitizer
LINKABLE_URL_SCHEMES = URI.scheme_list.keys.map(&:downcase) - ['mailto'] + ['tel'] LINKABLE_URL_SCHEMES = URI.scheme_list.keys.map(&:downcase) - ['mailto'] + ['tel']
PROCESSING_TIMEOUT = 10 PROCESSING_TIMEOUT = 20
UNPROCESSABLE_HTML_MSG = 'This message cannot be displayed due to HTML processing issues. Download the raw message below and open it via an Email client if you still wish to view it.'.freeze UNPROCESSABLE_HTML_MSG = 'This message cannot be displayed due to HTML processing issues. Download the raw message below and open it via an Email client if you still wish to view it.'.freeze
=begin =begin
@ -205,6 +205,7 @@ satinize html string based on whiltelist
Loofah.fragment(string).scrub!(scrubber_link).to_s Loofah.fragment(string).scrub!(scrubber_link).to_s
end end
rescue Timeout::Error rescue Timeout::Error
Rails.logger.error "Could not process string via HtmlSanitizer.strict in #{PROCESSING_TIMEOUT} seconds. Current state: #{string}"
UNPROCESSABLE_HTML_MSG UNPROCESSABLE_HTML_MSG
end end
@ -237,6 +238,7 @@ cleanup html string:
string string
end end
rescue Timeout::Error rescue Timeout::Error
Rails.logger.error "Could not process string via HtmlSanitizer.cleanup in #{PROCESSING_TIMEOUT} seconds. Current state: #{string}"
UNPROCESSABLE_HTML_MSG UNPROCESSABLE_HTML_MSG
end end