next/lib/server/constants.ts

115 lines
2.1 KiB
TypeScript

import turndown from "turndown";
export const ContentFilenameRegex = /\.(doc|docx|md|markdown)$/i;
export const emailRegex: RegExp = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/;
export const usernameRegex: (uname: string) => RegExp = (uname: string) => new RegExp("^" + uname.trim().replace(/\*/g, "\\*") + "$", "i");
export const mammothTemplate = (doc, defaults, content) => {
return content.replace(/\n|\r\n|\r/gm, "");
};
export const sanitizeConf = {
allowedTags: [
"address",
"article",
"aside",
"footer",
"header",
"h1",
"h2",
"h3",
"h4",
"h5",
"h6",
"hgroup",
"main",
"nav",
"section",
"blockquote",
"dd",
"div",
"dl",
"dt",
"figcaption",
"figure",
"hr",
"li",
"main",
"ol",
"p",
"pre",
"ul",
"a",
"abbr",
"b",
"bdi",
"bdo",
"br",
"cite",
"code",
"data",
"dfn",
"em",
"i",
"kbd",
"mark",
"q",
"rb",
"rp",
"rt",
"rtc",
"ruby",
"s",
"samp",
"small",
"span",
"strong",
"sub",
"sup",
"time",
"u",
"var",
"wbr",
"caption",
"col",
"colgroup",
"table",
"tbody",
"td",
"tfoot",
"th",
"thead",
"tr",
],
disallowedTagsMode: "discard",
allowedAttributes: {
a: ["href", "name", "target"],
// We don't currently allow img itself by default, but this
// would make sense if we did. You could add srcset here,
// and if you do the URL is checked for safety
img: ["src"],
},
// Lots of these won't come up by default because we don't allow them
selfClosing: ["img", "br", "hr", "area", "base", "basefont", "input", "link", "meta"],
// URL schemes we permit
allowedSchemes: ["http", "https", "ftp", "mailto", "tel"],
allowedSchemesAppliedToAttributes: ["href", "src", "cite"],
allowProtocolRelative: true,
enforceHtmlBoundary: false,
allowedSchemesByTag: {
img: ["data"],
},
};
export const messages = {
[403]: "Forbidden",
[401]: "Authorization required",
[404]: "Not found",
};
export const apiRoot = "http://127.0.0.1:4567/api";
export const h2m = new turndown({
hr: "---",
codeBlockStyle: "fenced",
emDelimiter: "*",
bulletListMarker: "+",
});