c02fa93c57
* Tighten allowed HTML in oEmbed-based preview cards * Sanitize preview cards at render time * Add `sandbox` attribute to preview card iframes
18 lines
496 B
Ruby
18 lines
496 B
Ruby
# frozen_string_literal: true
|
|
|
|
class REST::PreviewCardSerializer < ActiveModel::Serializer
|
|
include RoutingHelper
|
|
|
|
attributes :url, :title, :description, :type,
|
|
:author_name, :author_url, :provider_name,
|
|
:provider_url, :html, :width, :height,
|
|
:image, :embed_url, :blurhash
|
|
|
|
def image
|
|
object.image? ? full_asset_url(object.image.url(:original)) : nil
|
|
end
|
|
|
|
def html
|
|
Sanitize.fragment(object.html, Sanitize::Config::MASTODON_OEMBED)
|
|
end
|
|
end
|