Commit graph

94 commits

Author SHA1 Message Date
Matthew Hodgson
67ba0e59a2 Merge pull request #1301 from zeroware/develop
Include magnet scheme in sanitize HTML params
2017-10-14 23:48:43 +01:00
Michael Telatynski
c1edc0c32e
add option to disable BigEmoji
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2017-10-14 19:40:45 +01:00
Luke Barnard
d3f9a3aeb5 Run eslint --fix
Fixing 1000s of lint issues. Some rules cannot be `--fix`ed but this goes some way to linting the entire codebase.
2017-10-11 17:56:17 +01:00
David Baker
bfedcd1ff0 Don't check for only-emoji if there were none
We were still running the emojione regex on all messages to
determine if they were *only* emoji (for the big emoji). This is
pointless on messages that we already know don't have emoji.

Also stop exporting unicodeToImage because it isn't used anywhere.
2017-09-15 12:03:32 +01:00
David Baker
803e8f93e3 Fix emojification of symbol characters
Emojione has graphics for a lot of the symbol / dingbat characters
which are within the basic multilingual plane, but the new
fast-path regex was only detecthing surrogate pairs, so not
counting the symbols as emoji.
2017-09-15 11:43:55 +01:00
Michael Telatynski
39470c44a3
Merge branch 'develop' of github.com:matrix-org/matrix-react-sdk into t3chguy/sub-sup 2017-09-13 12:15:12 +01:00
Michael Telatynski
a0855a2869
allow sending sub,sup and whitelist them on receive
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2017-09-13 12:04:46 +01:00
David Baker
7617788345 Merge pull request #1372 from matrix-org/dbkr/emoji_fast_path
Fast path for emojifying strings
2017-09-10 17:44:02 +01:00
David Baker
876257f4e2 Consolidate the code copy button
Adding the code code button was done by manipulating the HTML of
the event body to add a span tag, then adding the onclick handler
after the thing was mounted. Apart from splitting the code between
two places, adding the span tag was, according to Chrome's
profiler, taking up quite a lot of CPU cycles (apparently as soon
as you set the innerHTML on a div). Instead, just build the whole
lot together after the component mounts.
2017-09-10 14:23:33 +01:00
David Baker
fe79010e4e Only add the code copy button for HTML messages
Trivial fast-path optimisation: plain text messages cannot possibly contain pre
blocks so there's no point in trying to parse them in order to add code copy
buttons.
2017-09-08 23:36:22 +01:00
David Baker
ea5726aa4e Copyright 2017-09-08 23:14:06 +01:00
David Baker
ec3ff529e7 Fast path for emojifying strings
Emojione's regex for detecting emoji is *enourmous* and we were
running it on every display name, room name, message etc every time
those components mounted. Add a much simpler regex to rule out the
majority of strings that contain no emoji and fast-path them.

Makes room switching about 10% faster (in my tests with all the
profiling turned on).
2017-09-08 23:05:27 +01:00
Zero
798d68b4c8 Include magnet scheme in sanitize HTML params
Update HtmlUtils sanitze-html params to include the magnet scheme
2017-08-14 19:42:00 +02:00
Hubert Chathi
df71502dbb allow width, height, alt, title attributes in img
fixes vector-im/riot-web#4646

Signed-off-by: Hubert Chathi <hubert@uhoreg.ca>
2017-07-25 10:43:40 -04:00
Luke Barnard
0df144cb62 Update unicodeToImage to maintain compatibility with emojione
We recently updated our version of emojione but this update included the addition of emoji represented in unicode with ZWJ (Zero-Width-Joiners). These ZWJs are not present in the asset file names, so any emoji with ZWJ in them were just not found (404 on the web client).

This updates `unicodeToImage` to be compatible with emojione 2.2.7 so that the correct filenames are used when converting from unicode to <img>.
2017-07-11 18:27:35 +01:00
Luke Barnard
dfa97e8452 Add comment 2017-07-10 17:48:01 +01:00
Luke Barnard
6877b99435 Strip <img src="https?://..">s when transforming imgs instead of using allowedSchemesByTag 2017-07-10 17:44:49 +01:00
Luke Barnard
bb9080425a Allow image tags with src attributes with schemes http[s]
And transform `mxc:*` URLs to `https?://`
2017-07-10 16:27:23 +01:00
Luke Barnard
96f5f92c7f Disallow data attribute, we don't need it currently 2017-07-10 15:44:46 +01:00
Luke Barnard
f9ee89b2f4 Merge branch 'develop' into matthew/whitelist-uri-schemes 2017-07-10 15:42:03 +01:00
Luke Barnard
32a01b54b8 Merge branch 'develop' into erikj/group_server 2017-07-07 10:08:49 +01:00
Luke Barnard
e7a2c3b975 Only send HTML when using RTE when necessary
When there are no styled blocks or inline styles applied within blocks, just send text instead of HTML.

Also, don't add <br /> for the last <p> (the last block).

Fixes https://github.com/vector-im/riot-web/issues/3147
2017-06-30 11:27:00 +01:00
Luke Barnard
9b24f70d00 Update comment 2017-06-28 14:29:53 +01:00
Luke Barnard
eeb1c33868 Do the less invasive fix of replacing <br>\n with \n but only within <pre> 2017-06-28 14:27:24 +01:00
Luke Barnard
f73fa4b49b Move processing into renamed function processHtmlforSending
And explain why this fix is necessary
2017-06-28 11:49:50 +01:00
Johannes Löthberg
661e6a6d01 HtmlUtils: Allow language- classes on code blocks through the sanitizer
This is required to be able to specify the highlight language in fenced
blocks like the following:

    ```python
    print("foo")
    ```

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2017-06-26 17:45:38 +02:00
David Baker
2efa099de2 Use function from HTMLUtils for sanitizing
Encapsulates things a little nicer
2017-06-23 17:02:54 +01:00
David Baker
71eb405859 Add comments & remove redundant check 2017-06-08 14:53:21 +01:00
David Baker
b40636a425 Merge pull request #1040 from ollieh/issues/1974
Added button that copies code to clipboard
2017-06-08 14:45:58 +01:00
Oliver Hunt
dd6171a39e Review changes
Signed-off-by: Oliver Hunt <oliver@hunt.bz>
2017-06-06 12:34:03 +01:00
Oliver Hunt
a640e943f7 Added button that copies code to clipboard
Signed-off-by: Oliver Hunt <oliver@hunt.bz>
2017-06-06 12:33:44 +01:00
saul.kredi@krutt.org
4afba2f796 Add support for RTL languages 2017-05-29 18:44:39 +03:00
Matthew Hodgson
c0cead1546 workaround for https://github.com/vector-im/riot-web/issues/3633.
unsure our vector url match could ever return undefined, but apparently it is...
2017-05-15 01:32:37 +01:00
turt2live
3bd77d56db Allow h1 and h2 tags again. CSS handled by riot-web
Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-04-24 08:45:22 -06:00
turt2live
80b8be64d1 Transform h1 and h2 tags to h3 tags
Addresses vector-im/riot-web#1772

Signed-off-by: Travis Ralston <travpc@gmail.com>
2017-04-21 15:09:56 -06:00
Luke Barnard
9cd7914ea5 Finishing off the first iteration on login UI
This makes the following changes:
 - Improve CountryDropdown by allowing all countries to be displayed at once and using PNGs for performance (trading of quality - the pngs are scaled down from 32px to 25px)
 - "I want to sign in with" dropdown to select login method
 - MXID login field that suffixes HS domain (whether custom or matrix.org) and prefixes "@"
 - Email field which is secretly the same as the username field but with a different placeholder
 - No more login flickering when changing ServerConfig (!) fixes https://github.com/vector-im/riot-web/issues/1517

This implements most of the design in https://github.com/vector-im/riot-web/issues/3524 but neglects the phone number login:
![login_with_msisdn](https://cloud.githubusercontent.com/assets/1922197/24864469/30a921fc-1dfc-11e7-95d1-76f619da1402.png)

This will be updated in another PR to implement desired things:
 - Country code visible once a country has been selected (propbably but as a prefix to the phone number input box.
 - Use square flags
 - Move CountryDropdown above phone input and make it show the full country name when not expanded
 - Auto-select country based on IP
2017-04-21 11:37:08 +01:00
Luke Barnard
ec2a5cce74 Merge branch 'develop' into matthew/whitelist-uri-schemes 2017-04-13 14:08:19 +01:00
Matthew Hodgson
bb25bee8fa Merge pull request #787 from VShell/patch-3
Add <ol start="..."> to allowed attributes list
2017-04-02 12:49:01 +01:00
Shell Turner
3ff54b8e4b Add <ol start="..."> to allowed attributes list
Fixes vector-im/riot-web#3273

Signed-off-by: Shell Turner <cam.turn@gmail.com>
2017-04-02 11:19:50 +01:00
David Baker
878413f6a4 Support msisdn signin
Changes from https://github.com/matrix-org/matrix-react-sdk/pull/742
2017-03-14 11:50:13 +00:00
Richard van der Hoff
2786fb0f46 Revert "Support registration & login with phone number (#742)"
This reverts commit 0269562383.

This breaks against the current synapse release. We need to think more
carefully about backwards compatibility.
2017-03-09 18:32:44 +00:00
David Baker
0269562383 Support registration & login with phone number (#742)
* WIP msisdn sign in

* A mostly working country picker

* Fix bug where you'dbe logged out after registering

Stop the guest sync, otherwise it gets 401ed for using a guest
access token for a non-guest, causing us to beliebe we've been
logged out.

* Use InteractiveAuth component for registration

* Fix tests

* Remove old signup code

* Signup -> Login

Now that Signup contains no code whatsoever related to signing up,
rename it to Login. Get rid of the Signup class.

* Stray newline

* Fix more merge failing

* Get phone country & number to the right place

* More-or-less working msisdn auth component

* Send the bind_msisdn param on registration

* Refinements to country dropdown

Rendering the whole lot when the component was rendered just makes
the page load really slow, so just show 2 at a time and rely on
type-to-search.

Make type-to-search always display an exact iso2 match first

* Propagate initial inputs to the phone input

* Support msisdn login

* semicolon

* Fix PropTypes

* Oops, use the 1qst element of the array

Not the array of object keys which has no particular order

* Make dropdown/countrydropdown controlled

* Unused line

* Add note on DOM layout

* onOptionChange is required

* More docs

* Add missing propTypes

* Don't resume promise on error

* Use React.Children to manipulate children

* Make catch less weird

* Fix null dereference

Assuming [0] of an empty list == undefined doesn't work if you're
then taking a property of it.
2017-03-09 10:59:22 +00:00
Luke Barnard
fa2cf41039 Make COLOR_REGEX stricter 2017-03-03 15:46:13 +00:00
Luke Barnard
f4278b61ea Update comment 2017-03-02 18:13:01 +00:00
Luke Barnard
0f8ab99158 Have COLOR_REGEX constant 2017-03-02 17:02:00 +00:00
Luke Barnard
b951713f7f Remove custom attribs as consumed 2017-03-02 11:39:40 +00:00
Luke Barnard
36795fa192 Use data-mx[-bg]-color instead of stripping style
This has the benefit of not needing a spec for custom CSS. Instead we rigourously sanitise the values for custom data attributes that are transformed to CSS equivalents. `data-mx-color` translates to CSS `color` for example.
2017-03-02 11:36:56 +00:00
Luke Barnard
5fc828f24c Allow span, and only allow style attrib 2017-02-27 11:32:57 +00:00
Luke Barnard
886b0a3f13 Sanitise for *, fix style issues 2017-02-27 11:23:37 +00:00
Matthew Hodgson
2db53c2284 whitelist data & mxc URIs on img tags: readds PR #333 now that punkave/sanitize-html#137 has landed 2017-02-19 03:04:42 +02:00