From 990f173b3d1159f7c76ad4cc67aa28b12315cda7 Mon Sep 17 00:00:00 2001
From: evazion
Date: Thu, 15 Jun 2017 20:30:19 -0500
Subject: [PATCH] notes: move sanitization from d_text.rb to note_sanitizer.rb.
---
 app/controllers/note_previews_controller.rb | 2 +-
 app/logical/d_text.rb | 24 --------------------
 app/logical/note_sanitizer.rb | 25 +++++++++++++++++++++
 app/views/notes/_note.html.erb | 2 +-
 4 files changed, 27 insertions(+), 26 deletions(-)
 create mode 100644 app/logical/note_sanitizer.rb
diff --git a/app/controllers/note_previews_controller.rb b/app/controllers/note_previews_controller.rb
index 81c464689..e14f0b1c5 100644
--- a/app/controllers/note_previews_controller.rb
+++ b/app/controllers/note_previews_controller.rb
@@ -2,7 +2,7 @@ class NotePreviewsController < ApplicationController
 respond_to :json
 def show
- @body = DText.sanitize(params[:body].to_s)
+ @body = NoteSanitizer.sanitize(params[:body].to_s)
 respond_with(@body) do |format|
 format.json do
 render :json => {:body => @body}.to_json
diff --git a/app/logical/d_text.rb b/app/logical/d_text.rb
index 78aaf56d0..0ac557ee3 100644
--- a/app/logical/d_text.rb
+++ b/app/logical/d_text.rb
@@ -369,30 +369,6 @@ class DText
 s
 end
- def self.sanitize(text)
- text.gsub!(/<( |-|3|:|>|\Z)/, "<\\1")
-
- Sanitize.clean(
- text,
- :elements => %w(code center tn h1 h2 h3 h4 h5 h6 a span div blockquote br p ul li ol em strong small big b i font u s pre ruby rb rt rp),
- :attributes => {
- "a" => %w(href title style),
- "span" => %w(class style),
- "div" => %w(class style align),
- "p" => %w(class style align),
- "font" => %w(color size style)
- },
- :protocols => {
- "a" => {
- "href" => ["http", "https", :relative]
- }
- },
- :css => Sanitize::Config::RELAXED[:css].merge({
- :protocols => []
- })
- )
- end
-
 # extract the first paragraph `needle` occurs in.
 def self.excerpt(dtext, needle)
 dtext = dtext.gsub(/\r\n|\r|\n/, "\n")
diff --git a/app/logical/note_sanitizer.rb b/app/logical/note_sanitizer.rb
new file mode 100644
index 000000000..baf53bfd0
--- /dev/null
+++ b/app/logical/note_sanitizer.rb
@@ -0,0 +1,25 @@
+module NoteSanitizer
+ def self.sanitize(text)
+ text.gsub!(/<( |-|3|:|>|\Z)/, "<\\1")
+
+ Sanitize.clean(
+ text,
+ :elements => %w(code center tn h1 h2 h3 h4 h5 h6 a span div blockquote br p ul li ol em strong small big b i font u s pre ruby rb rt rp),
+ :attributes => {
+ "a" => %w(href title style),
+ "span" => %w(class style),
+ "div" => %w(class style align),
+ "p" => %w(class style align),
+ "font" => %w(color size style)
+ },
+ :protocols => {
+ "a" => {
+ "href" => ["http", "https", :relative]
+ }
+ },
+ :css => Sanitize::Config::RELAXED[:css].merge({
+ :protocols => []
+ })
+ )
+ end
+end
diff --git a/app/views/notes/_note.html.erb b/app/views/notes/_note.html.erb
index fcf1b3dff..15e374b34 100644
--- a/app/views/notes/_note.html.erb
+++ b/app/views/notes/_note.html.erb
@@ -1 +1 @@
-
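Review bot: `text.gsub!` at the top of `NoteSanitizer.sanitize` rewrites its argument in place, so both call sites in this patch hand their own string over for mutation — `params[:body].to_s` in the controller (which returns the same object for a String) and `note.body` in the view, whose in-memory attribute is silently changed by rendering — and a frozen input would raise FrozenError instead of being sanitized. Making the pre-pass non-destructive removes both side effects with one line: `text = text.gsub(/<( |-|3|:|>|\Z)/, "<\\1")`. Separately, as the hunk renders here the replacement string is `"<\\1"`, which replaces `<` with `<` and does nothing; presumably the real source uses the entity form (`&lt;\\1`) and was unescaped when this page was extracted, but it is worth confirming against the repository, because this pass is what keeps `<3`, `<-` and similar note text from reaching the HTML parser as tag openers. Since this module is now the public entry point for untrusted note text rendered with `raw`, a short header comment would help the next reader judge the allowlist, e.g. `# Sanitizes user-written note HTML for raw rendering: only the listed elements/attributes survive, hrefs may be http, https or scheme-relative, and inline style is allowed with the RELAXED property list but no URL protocols.`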
<%= raw DText.sanitize(note.body) %>
+
<%= raw NoteSanitizer.sanitize(note.body) %>