Support full html in system messages. Closes #747 (#814)

2021-03-12 00:43:10 -08:00 · 2021-03-12 00:43:10 -08:00 · 6f545a905b
commit 6f545a905b
parent c67a3e8299
5 changed files with 24 additions and 12 deletions
--- a/controllers/admin/chat.go
+++ b/controllers/admin/chat.go
@ -58,8 +58,7 @@ func GetChatMessages(w http.ResponseWriter, r *http.Request) {
 	}
 }
-// SendSystemMessage will send an official "SYSTEM" message
+// SendSystemMessage will send an official "SYSTEM" message to chat on behalf of your server.
 // to chat on behalf of your server.
 func SendSystemMessage(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
@ -76,7 +75,7 @@ func SendSystemMessage(w http.ResponseWriter, r *http.Request) {
 	message.Visible = true
 	message.SetDefaults()
-	message.RenderAndSanitizeMessageBody()
+	message.RenderBody()
 	if err := core.SendMessageToChat(message); err != nil {
 		controllers.BadRequestHandler(w, err)
@ -137,6 +136,7 @@ func SendChatAction(w http.ResponseWriter, r *http.Request) {
 	}
 	message.SetDefaults()
 	message.RenderAndSanitizeMessageBody()
 	if err := core.SendMessageToChat(message); err != nil {
 		controllers.BadRequestHandler(w, err)
--- a/core/chat/client.go
+++ b/core/chat/client.go
@ -222,6 +222,8 @@ func (c *Client) chatMessageReceived(data []byte) {
 	c.Username = &msg.Author
 	msg.ClientID = c.ClientID
 	msg.RenderAndSanitizeMessageBody()
 	_server.SendToAll(msg)
 }
--- a/core/chat/messageRendering_test.go
+++ b/core/chat/messageRendering_test.go
@ -52,3 +52,14 @@ func TestAllowEmojiImages(t *testing.T) {
 		t.Errorf("message rendering/sanitation does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
 	}
 }
 // Test to verify we can pass raw html and render markdown.
 func TestAllowHTML(t *testing.T) {
 	messageContent := `<img src="/img/emoji/beerparrot.gif"><ul><li>**test thing**</li></ul>`
 	expected := "<p><img src=\"/img/emoji/beerparrot.gif\"><ul><li><strong>test thing</strong></li></ul></p>\n"
 	result := models.RenderMarkdown(messageContent)
 	if result != expected {
 		t.Errorf("message rendering does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
 	}
 }
--- a/core/chat/server.go
+++ b/core/chat/server.go
@ -135,13 +135,6 @@ func (s *server) Listen() {
 		case c := <-s.delCh:
 			s.removeClient(c)
 		case msg := <-s.sendAllCh:
 			// message was received from a client and should be sanitized, validated
 			// and distributed to other clients.
 			//
 			// Will turn markdown into html, sanitize user-supplied raw html
 			// and standardize this message into something safe we can send everyone else.
 			msg.RenderAndSanitizeMessageBody()
 			if !msg.Empty() {
 				// set defaults before sending msg to anywhere
 				msg.SetDefaults()
--- a/models/chatMessage.go
+++ b/models/chatMessage.go
@ -55,17 +55,23 @@ func (m *ChatEvent) Empty() bool {
 	return m.Body == ""
 }
 // RenderBody will render markdown to html without any sanitization
 func (m *ChatEvent) RenderBody() {
 	m.RawBody = m.Body
 	m.Body = RenderMarkdown(m.RawBody)
 }
 // RenderAndSanitize will turn markdown into HTML, sanitize raw user-supplied HTML and standardize
 // the message into something safe and renderable for clients.
 func RenderAndSanitize(raw string) string {
-	rendered := renderMarkdown(raw)
+	rendered := RenderMarkdown(raw)
 	safe := sanitize(rendered)
 	// Set the new, sanitized and rendered message body
 	return strings.TrimSpace(safe)
 }
-func renderMarkdown(raw string) string {
+func RenderMarkdown(raw string) string {
 	markdown := goldmark.New(
 		goldmark.WithRendererOptions(
 			html.WithUnsafe(),