Sanitize mixin for plugins?

Question

Sanitize mixin for plugins?

Closed this issue a year ago · 11 comments

Allow plugins to modify sanitize rules.
Maybe like this:

const remark = jojo.remake;
const process = sch => {
  sch.tagName?.push("iframe");
  return sch;
};

export default function ExamplePlugin {
  return {
    remark: u => u.use(remark),
    sanitize: sch => process(sch)
  }
}

This will help plugins decoupling from the editor.

Answer 1 · 2021-11-20T08:11:23.000Z

From a technical perspective, I guess it can be implemented. But it seems would disrupt user expectations in some cases.

For example, there are 2 plugins A and B. A allows iframe, while B doesn't allow it. If the apply order is A->B, then the iframe related contents will also be removed.

Answer 2 · 2021-11-20T08:25:30.000Z

From a technical perspective, I guess it can be implemented. But it seems would disrupt user expectations in some cases.

For example, there are 2 plugins A and B. A allows iframe, while B doesn't allow it. If the apply order is A->B, then the iframe related contents will also be removed.

I think the example more look like a developer issue 🤔.
I don't think there is any case need to disallow a tag or something else, because a plugin is some code to add some new features but not to be a security guard.

About the security question, I think plugin can get a CSRF token from parser instance and apply to element, and then add a filter plugin at the bottom of process chain, to sanitize all insecure content in UGC.

Answer 3 · 2021-11-20T08:57:30.000Z

and then add a filter plugin at the bottom of process chain

Yeah, If I don't understand it wrong, the current sanitize process is exactly the same as you described

Take the iframe case as an example, it can be added via rehype plugins. The sanitize step only takes effect once after remark process.

Answer 4 · 2022-03-27T02:00:51.000Z

This issue is stale because it has been open for 30 days with no activity.

Answer 5 · 2022-04-03T02:04:47.000Z

This issue was closed because it has been inactive for 7 days since being marked as stale.

Answer 6 · 2023-01-06T21:41:40.000Z

What do you think about the plugin passing a schema instead of passing the function that handles the schema?

const remark = jojo.remake;
const sch = {
  tagNames: ["iframe"]
};

export default function ExamplePlugin {
  return {
    remark: u => u.use(remark),
    schema: sch
  }
}

So the main library is responsible for properly merging the schemas and sanitizing globally.

A special merge function will be needed to merge the arrays, but I think I have a good idea of how to do that.

That way plugins are prevented from deleting permissions needed by other plugins, they can only add.

Any other custom schemes are still possible by passing the sanitize function directly to the Editor or Viewer. Thus allowing new additions or deletions in the scheme.

Answer 7 · 2023-01-23T02:53:51.000Z

That way plugins are prevented from deleting permissions needed by other plugins, they can only add.

This seems to be reasonable. But it would also lead to breaking changes, and need to be released as a major version.

I'll draft a v2 plan soon, including this feature.

Answer 8 · 2023-03-25T01:51:56.000Z

This issue is stale because it has been open for 60 days with no activity.

Answer 9 · 2023-05-30T01:56:49.000Z

This issue is stale because it has been open for 60 days with no activity.

Answer 10 · 2023-07-31T01:52:16.000Z

This issue is stale because it has been open for 60 days with no activity.

Answer 11 · 2023-08-08T01:43:42.000Z

This issue was closed because it has been inactive for 7 days since being marked as stale.