From e06d6c1fb10f6bd156fb3f5b16bd2e1b69c22d9a Mon Sep 17 00:00:00 2001 From: Mike Macgirvin Date: Sat, 22 Jun 2024 10:56:34 +1000 Subject: [PATCH] better federation of map data (requires updating openstreetmap addon) --- include/bbcode.php | 14 +++++++++++++- include/misc.php | 29 +++++++++++++++++++++++++++++ src/Module/Inspect.php | 2 +- 3 files changed, 43 insertions(+), 2 deletions(-) diff --git a/include/bbcode.php b/include/bbcode.php index 18d34904d..4484fa487 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -769,6 +769,18 @@ function bb_map_latlon($match) $match[0]); } +function bb_map_link($match) +{ + $x = str_replace(['/', ','], [' ', ' '], $match[1]); + $tmp = explode(' ', $x); + if (count($tmp) > 1) { + $lat = $tmp[0]; + $lon = $tmp[1]; + } + // the extra space in the following line is intentional + return str_replace($match[0], '' . t('Show map') . '', $match[0]); +} + function bb_map_coords($match) { @@ -1818,7 +1830,7 @@ function bbcode($Text, $options = []) if ($export) { $Text = str_replace([ '[map]','[/map]' ], [ '','' ], $Text); - $Text = preg_replace("/\[map=(.*?)[, ](.*?)\]/ism", 'geo:$1,$2', $Text); + $Text = preg_replace_callback("/\[map=(.*?)\]/ism", 'bb_map_link', $Text); } else { if (str_contains($Text, '[/map]')) { $Text = preg_replace_callback("/\[map\](.*?)\[\/map\]/ism", 'bb_map_location', $Text); diff --git a/include/misc.php b/include/misc.php index 49bf2dbbf..e62d8f418 100644 --- a/include/misc.php +++ b/include/misc.php @@ -188,6 +188,9 @@ function purify_html($s, $opts = []) // @todo create scheme definitions for geo: and ap: and did: ]); + $s = str_replace(['geo:', 'ap:', 'did:'], + ['https://example.com/escape/geo', 'https://example.com/escape/ap', 'https://example.com/escape/did' ], $s); + // This will escape invalid tags in the output instead of removing. // This is necessary for mixed format (text+bbcode+html+markdown) messages or // some angle brackets in plaintext may get stripped if they look like an HTML tag @@ -352,11 +355,17 @@ function purify_html($s, $opts = []) $purifier = new HTMLPurifier($config); + + // HTMLPurifier mangles intentionally escaped alt-text by unescaping it. // There is an option to encode all non-ascii characters, but we really don't want that either. // What we really want is for it to just not un-escape escaped double quotes. $s = str_replace('"','__!ESCAPED_DOUBLEQUOTE!__', $s); $s = str_replace('__!ESCAPED_DOUBLEQUOTE!__', '"', $purifier->purify($s)); + + $s = str_replace(['https://example.com/escape/geo', 'https://example.com/escape/ap', 'https://example.com/escape/did' ], + ['geo:', 'ap:', 'did:'], $s); + return $s; } @@ -1752,6 +1761,26 @@ function format_filer(&$item) return $s; } +function generate_map_link($lat, $lon, $zoom = 16) +{ + + $arr = [ + 'lat' => $lat, + 'lon' => $lon, + 'zoom' => $zoom, + 'link' => '' + ]; + + /** + * @hooks generate_map + * * \e string \b lat + * * \e string \b lon + * * \e string \b html the parsed HTML to return + */ + Hook::call('generate_map_link', $arr); + return (strlen($arr['link'])) ? $arr['link'] : 'geo:' . $lat . ',' . $lon . '&z=' . $zoom; +} + function generate_map($lat, $lon, $zoom = 16) { diff --git a/src/Module/Inspect.php b/src/Module/Inspect.php index 4f7ca848a..91484147e 100644 --- a/src/Module/Inspect.php +++ b/src/Module/Inspect.php @@ -69,7 +69,7 @@ class Inspect extends Controller $str = Activity::fetch($item['target']['id'], App::$channel); if ($str) { $output .= '(conversation)' . EOL . '
' .
-                            json_encode($str, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT) .
+                            escape_tags(json_encode($str, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT)) .
                             '
' . EOL . EOL; } }