From 827055f626091b850124fd45cd9024d417577ec2 Mon Sep 17 00:00:00 2001
From: Helmi Akermi
Date: Wed, 25 Sep 2024 11:35:19 +0100
Subject: [PATCH] feat: Allow phone links in HTML sanitizer - EXO-73882 - Meeds-io/MIPs#129 Allow phone links in HTML sanitizer
---
 .../java/org/exoplatform/commons/utils/HTMLSanitizer.java | 2 ++
 .../org/exoplatform/commons/utils/HTMLSanitizerTest.java | 7 +++++++
 2 files changed, 9 insertions(+)
diff --git a/commons-component-common/src/main/java/org/exoplatform/commons/utils/HTMLSanitizer.java b/commons-component-common/src/main/java/org/exoplatform/commons/utils/HTMLSanitizer.java
index db5bfa9b13..660f38272b 100644
--- a/commons-component-common/src/main/java/org/exoplatform/commons/utils/HTMLSanitizer.java
+++ b/commons-component-common/src/main/java/org/exoplatform/commons/utils/HTMLSanitizer.java
@@ -157,6 +157,8 @@ abstract public class HTMLSanitizer {
 "onmouseup")
 .matching(HISTORY_BACK)
 .onElements("a")
+ .allowStandardUrlProtocols()
+ .allowUrlProtocols("tel","ftp")
 .requireRelNofollowOnLinks()
 .allowAttributes("src")
 .matching(ONSITE_OR_OFFSITE_URL)
diff --git a/commons-component-common/src/test/java/org/exoplatform/commons/utils/HTMLSanitizerTest.java b/commons-component-common/src/test/java/org/exoplatform/commons/utils/HTMLSanitizerTest.java
index f188685366..279a93d0b5 100644
--- a/commons-component-common/src/test/java/org/exoplatform/commons/utils/HTMLSanitizerTest.java
+++ b/commons-component-common/src/test/java/org/exoplatform/commons/utils/HTMLSanitizerTest.java
@@ -117,4 +117,11 @@ public void testAllowedSpecialCharactersLinks(){
 }
 assertEquals("https://www.economie.gouv.fr/entreprises/changement-janvier-2022?xtor=ES-29-[BIE_292_20220106]-20220106-[https://www.economie.gouv.fr/entreprises/changement-janvier-2022]", sanitized);
 }
+
+ @Test
+ public void testAllowPhoneLinks() throws Exception {
+ String input = "link";
+ String sanitized = HTMLSanitizer.sanitize(input);
+ assertEquals("link", sanitized);
+ }
 }
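Review bot: The added `.allowUrlProtocols("tel","ftp")` enables `ftp:` as well as `tel:`, although the commit title and the new test only cover phone links. If this builder is the OWASP `HtmlPolicyBuilder`, both added calls act on the whole policy rather than on the preceding `.onElements("a")`, so the wider protocol set would presumably also apply to other URL attributes such as the `src` rule that follows, subject to its `.matching(...)` pattern. Unless FTP links are a stated requirement, narrow the call to `.allowUrlProtocols("tel")` and add a comment above it such as `// URL protocols are policy-wide, not scoped to <a>; keep this list minimal`. The builder chain starts and ends outside this hunk, so any earlier protocol settings are not visible here.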
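Review bot: `testAllowPhoneLinks` as shown passes the literal `"link"` through the sanitizer and expects `"link"` back, which would succeed with or without the new protocol allowance (the anchor markup may have been lost when this page was rendered). The test should assert that an `href` using the `tel:` scheme survives, and pair it with a negative case so the allow-list cannot widen unnoticed, for example `assertFalse(HTMLSanitizer.sanitize("<a href=\"javascript:void(0)\">x</a>").contains("javascript:"));`. An `ftp:` case is also missing, even though the other file in this commit enables that scheme.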