Class: PotMarkdown::Filters::SanitizeScriptFilter

Inherits:

HTML::Pipeline::Filter

Object
HTML::Pipeline::Filter
PotMarkdown::Filters::SanitizeScriptFilter

Defined in:: lib/pot_markdown/filters/sanitize_script_filter.rb

Constant Summary collapse

SAFE_SCRIPT_URL =

[
  # nicovideo
  %r{\Ahttps?://ext.nicovideo.jp/thumb_watch/[^/]+\z},

  # speakerdeck
  %r{\A(https?:)?//speakerdeck.com/assets/embed.js\z},

  # pixiv
  %r{\Ahttps?://source.pixiv.net/source/embed.js\z},

  # twitter
  %r{\A(https:)?//platform.twitter.com/widgets.js\z},

  # gist
  %r{\Ahttps://gist.github.com/[A-Za-z0-9\-]+/[a-f0-9]+\.js\z}
].freeze

Instance Method Summary collapse

#call ⇒ Object

Instance Method Details

#call ⇒ `Object`

# File 'lib/pot_markdown/filters/sanitize_script_filter.rb', line 7

def call
  doc.xpath('.//script').each do |element|
    if safe?(element)
      element.children.remove
    else
      element.remove
    end
  end
  doc
end