Merge branch 'v9/dev' into v9/9.3

Mole
2022-01-26 08:33:56 +01:00
7 changed files with 34 additions and 5 deletions


@@ -24,7 +24,7 @@
"version": {
"type": "parameter",
"datatype": "string",
"defaultValue": "9.3.0-rc",
"defaultValue": "9.3.0",
"description": "The version of Umbraco to load using NuGet",
"replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
},


@@ -57,7 +57,7 @@
"version": {
"type": "parameter",
"datatype": "string",
"defaultValue": "9.3.0-rc",
"defaultValue": "9.3.0",
"description": "The version of Umbraco to load using NuGet",
"replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
},


@@ -5,7 +5,7 @@
<PropertyGroup>
<Version>9.3.0</Version>
<AssemblyVersion>9.3.0</AssemblyVersion>
<InformationalVersion>9.3.0-rc</InformationalVersion>
<InformationalVersion>9.3.0</InformationalVersion>
<FileVersion>9.3.0</FileVersion>
<LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
<NeutralLanguage>en-US</NeutralLanguage>


@@ -263,6 +263,9 @@ namespace Umbraco.Cms.Core.DependencyInjection
// Register telemetry service used to gather data about installed packages
Services.AddUnique<ITelemetryService, TelemetryService>();
// Register a noop IHtmlSanitizer to be replaced
Services.AddUnique<IHtmlSanitizer, NoopHtmlSanitizer>();
}
}
}
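Review bot: The comment `// Register a noop IHtmlSanitizer to be replaced` leaves out the security-relevant fact that, until another implementation is registered, the default returns rich text markup unchanged. I would word it as `// Default IHtmlSanitizer returns its input unchanged (no sanitization); register a real implementation to filter rich text markup`. The same gap exists on `NoopHtmlSanitizer` itself, which is added in this commit without a `<summary>` saying that it performs no sanitization. The enclosing registration method starts outside this hunk.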


@@ -0,0 +1,12 @@
namespace Umbraco.Cms.Core.Security
{
public interface IHtmlSanitizer
{
/// <summary>
/// Sanitizes HTML
/// </summary>
/// <param name="html">HTML to be sanitized</param>
/// <returns>Sanitized HTML</returns>
string Sanitize(string html);
}
}
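Review bot: The XML doc on `Sanitize` does not state the contract implementers must honour, in particular whether `html` may be null or empty. The only caller visible in this commit passes the macro-formatted editor value and then calls `NullOrWhiteSpaceAsNull()` on the result, which suggests empty values do reach the sanitizer, though that is inferred. I would add `/// <remarks>Implementations should accept null or empty input and return it unchanged; the returned value is what gets persisted.</remarks>` so that a replacement sanitizer does not throw on an empty editor value.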


@@ -0,0 +1,10 @@
namespace Umbraco.Cms.Core.Security
{
public class NoopHtmlSanitizer : IHtmlSanitizer
{
public string Sanitize(string html)
{
return html;
}
}
}


@@ -81,6 +81,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
private readonly HtmlLocalLinkParser _localLinkParser;
private readonly RichTextEditorPastedImages _pastedImages;
private readonly IImageUrlGenerator _imageUrlGenerator;
private readonly IHtmlSanitizer _htmlSanitizer;
public RichTextPropertyValueEditor(
DataEditorAttribute attribute,
@@ -92,7 +93,8 @@ namespace Umbraco.Cms.Core.PropertyEditors
RichTextEditorPastedImages pastedImages,
IImageUrlGenerator imageUrlGenerator,
IJsonSerializer jsonSerializer,
IIOHelper ioHelper)
IIOHelper ioHelper,
IHtmlSanitizer htmlSanitizer)
: base(localizedTextService, shortStringHelper, jsonSerializer, ioHelper, attribute)
{
_backOfficeSecurityAccessor = backOfficeSecurityAccessor;
@@ -100,6 +102,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
_localLinkParser = localLinkParser;
_pastedImages = pastedImages;
_imageUrlGenerator = imageUrlGenerator;
_htmlSanitizer = htmlSanitizer;
}
/// <inheritdoc />
@@ -156,8 +159,9 @@ namespace Umbraco.Cms.Core.PropertyEditors
var parseAndSavedTempImages = _pastedImages.FindAndPersistPastedTempImages(editorValue.Value.ToString(), mediaParentId, userId, _imageUrlGenerator);
var editorValueWithMediaUrlsRemoved = _imageSourceParser.RemoveImageSources(parseAndSavedTempImages);
var parsed = MacroTagParser.FormatRichTextContentForPersistence(editorValueWithMediaUrlsRemoved);
var sanitized = _htmlSanitizer.Sanitize(parsed);
return parsed.NullOrWhiteSpaceAsNull();
return sanitized.NullOrWhiteSpaceAsNull();
}
/// <summary>
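Review bot: In the last hunk `_htmlSanitizer.Sanitize(parsed)` runs after `RemoveImageSources` and `MacroTagParser.FormatRichTextContentForPersistence`, so a replacement sanitizer receives the persistence-format markup, and nothing in the change documents that it must leave that markup intact. A comment above the call would make the ordering explicit, for example `// Sanitize last: implementations must preserve the macro and image markup produced by the steps above`. Separately, the constructor stores `htmlSanitizer` without a null check, so a null argument would only surface as a `NullReferenceException` on the first save; `_htmlSanitizer = htmlSanitizer ?? throw new ArgumentNullException(nameof(htmlSanitizer));` would fail earlier, assuming `System` is in scope in this file. Both the constructor and the method containing the `Sanitize` call extend outside the hunks shown.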