From feb5d9b74fa1e8454eaaf29afae3643c6d7c81f1 Mon Sep 17 00:00:00 2001 From: Andrew Godwin Date: Fri, 11 Nov 2022 22:02:43 -0700 Subject: Got up to incoming posts working --- core/html.py | 11 +++++++++++ core/ld.py | 30 +++++++++++++++++------------- core/views.py | 2 +- 3 files changed, 29 insertions(+), 14 deletions(-) create mode 100644 core/html.py (limited to 'core') diff --git a/core/html.py b/core/html.py new file mode 100644 index 0000000..e63dda3 --- /dev/null +++ b/core/html.py @@ -0,0 +1,11 @@ +import bleach +from django.utils.safestring import mark_safe + + +def sanitize_post(post_html: str) -> str: + """ + Only allows a, br, p and span tags, and class attributes. + """ + return mark_safe( + bleach.clean(post_html, tags=["a", "br", "p", "span"], attributes=["class"]) + ) diff --git a/core/ld.py b/core/ld.py index 2211ba9..82e2894 100644 --- a/core/ld.py +++ b/core/ld.py @@ -1,4 +1,5 @@ import urllib.parse as urllib_parse +from typing import Dict, List, Union from pyld import jsonld from pyld.jsonld import JsonLdError @@ -299,24 +300,27 @@ def builtin_document_loader(url: str, options={}): ) -def canonicalise(json_data, include_security=False): +def canonicalise(json_data: Dict, include_security: bool = False) -> Dict: """ Given an ActivityPub JSON-LD document, round-trips it through the LD systems to end up in a canonicalised, compacted format. + If no context is provided, supplies one automatically. + For most well-structured incoming data this won't actually do anything, but it's probably good to abide by the spec. """ - if not isinstance(json_data, (dict, list)): + if not isinstance(json_data, dict): raise ValueError("Pass decoded JSON data into LDDocument") - return jsonld.compact( - jsonld.expand(json_data), - ( - [ - "https://www.w3.org/ns/activitystreams", - "https://w3id.org/security/v1", - ] - if include_security - else "https://www.w3.org/ns/activitystreams" - ), - ) + context: Union[str, List[str]] + if include_security: + context = [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + ] + else: + context = "https://www.w3.org/ns/activitystreams" + if "@context" not in json_data: + json_data["@context"] = context + + return jsonld.compact(jsonld.expand(json_data), context) diff --git a/core/views.py b/core/views.py index dbaebf9..205224c 100644 --- a/core/views.py +++ b/core/views.py @@ -1,6 +1,6 @@ from django.views.generic import TemplateView -from statuses.views.home import Home +from activities.views.home import Home from users.models import Identity -- cgit v1.2.3