diff --git a/src/main/java/swiss/fihlon/apus/service/SocialService.java b/src/main/java/swiss/fihlon/apus/service/SocialService.java
index 4df1a67..b620012 100644
--- a/src/main/java/swiss/fihlon/apus/service/SocialService.java
+++ b/src/main/java/swiss/fihlon/apus/service/SocialService.java
@@ -27,6 +27,7 @@
 import swiss.fihlon.apus.configuration.Configuration;
 import swiss.fihlon.apus.social.Message;
 import swiss.fihlon.apus.social.mastodon.MastodonAPI;
+import swiss.fihlon.apus.util.HtmlUtil;
 import java.io.IOException;
 import java.nio.file.Files;
@@ -83,7 +84,7 @@ private void updateMessages() {
 .filter(message -> !blockedProfiles.contains(message.profile()))
 .filter(message -> !filterSensitive || !message.isSensitive())
 .filter(message -> !filterReplies || !message.isReply())
- .filter(message -> filterLength <= 0 || Jsoup.parse(message.html()).text().length() <= filterLength)
+ .filter(message -> filterLength <= 0 || HtmlUtil.extractText(message.html()).length() <= filterLength)
 .filter(this::checkWordFilter)
 .toList();
 synchronized (this) {
diff --git a/src/main/java/swiss/fihlon/apus/ui/view/MessageView.java b/src/main/java/swiss/fihlon/apus/ui/view/MessageView.java
index f8c2a8b..95d3c70 100644
--- a/src/main/java/swiss/fihlon/apus/ui/view/MessageView.java
+++ b/src/main/java/swiss/fihlon/apus/ui/view/MessageView.java
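Review bot: The `org.jsoup.Jsoup` import that the old length filter relied on appears to remain in SocialService.java, because the import hunk starts at line 27 on both sides and the `@@ -83,7 +84,7 @@` hunk is shifted only by the one added import, so nothing above was deleted. If `checkWordFilter` or other code in the class still calls `Jsoup.parse(...).text()` directly, move those calls to `HtmlUtil.extractText` as well, so the length filter and the word filter judge the same extracted text; if nothing else uses it, drop the import. `updateMessages` begins and ends outside the hunk, so the rest of the pipeline cannot be checked from here.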
@@ -29,20 +29,12 @@
 import com.vaadin.flow.component.html.Image;
 import org.jetbrains.annotations.NotNull;
 import org.ocpsoft.prettytime.PrettyTime;
-import org.owasp.html.HtmlPolicyBuilder;
-import org.owasp.html.PolicyFactory;
 import swiss.fihlon.apus.social.Message;
+import swiss.fihlon.apus.util.HtmlUtil;
 @CssImport(value = "./themes/apus/views/message-view.css")
 public final class MessageView extends Div {
- private static final PolicyFactory POLICY_FACTORY = new HtmlPolicyBuilder()
- .allowElements("p", "br", "a", "b", "i", "u", "em", "strong", "mark", "code", "img")
- .allowUrlProtocols("https")
- .allowAttributes("href").onElements("a")
- .allowAttributes("src").onElements("img")
- .toFactory();
 public MessageView(@NotNull final Message message) {
 setId("message-" + message.id());
 addClassName("message-view");
@@ -70,7 +62,7 @@ private Component createAvatarComponent(@NotNull final Message message) {
 @NotNull
 private Component createTextComponent(@NotNull final Message message) {
 final String unsafeHtml = message.html();
- final String saveHtml = POLICY_FACTORY.sanitize(unsafeHtml);
+ final String saveHtml = HtmlUtil.sanitize(unsafeHtml);
 return new Html(String.format("
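Review bot: Removing `POLICY_FACTORY` in the `@@ -29,20 +29,12 @@` hunk moves the only XSS barrier in front of the `new Html(...)` sink out of MessageView, and `HtmlUtil` is not shown in this part of the diff, so the hunk alone cannot confirm that the policy is unchanged. Check that `HtmlUtil.sanitize` keeps the same allow-list (the eleven elements listed here, `allowUrlProtocols("https")`, `href` only on `a`, `src` only on `img`) and pin it with a unit test asserting that script elements, event-handler attributes and non-https URLs are stripped. At the call site in `createTextComponent` (the next hunk, which is cut off here) I would add `// HtmlUtil.sanitize is the only barrier before Html(...); its policy must stay an allow-list`.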