Class: Govspeak::HtmlSanitizer::ImageSourceWhitelister

Inherits:

Object

Object
Govspeak::HtmlSanitizer::ImageSourceWhitelister

show all

Defined in:: lib/govspeak/html_sanitizer.rb

Instance Method Summary collapse

#call(sanitize_context) ⇒ Object
#initialize(allowed_image_hosts) ⇒ ImageSourceWhitelister constructor

A new instance of ImageSourceWhitelister.

Constructor Details

#initialize(allowed_image_hosts) ⇒ `ImageSourceWhitelister`

Returns a new instance of ImageSourceWhitelister.



5
6
7

# File 'lib/govspeak/html_sanitizer.rb', line 5

def initialize(allowed_image_hosts)
  @allowed_image_hosts = allowed_image_hosts
end

Instance Method Details

#call(sanitize_context) ⇒ `Object`

# File 'lib/govspeak/html_sanitizer.rb', line 9

def call(sanitize_context)
  return unless sanitize_context[:node_name] == "img"

  node = sanitize_context[:node]
  image_uri = Addressable::URI.parse(node["src"])
  unless image_uri.relative? || @allowed_image_hosts.include?(image_uri.host)
    node.unlink # the node isn't sanitary. Remove it from the document.
  end
end