Module: LcpRuby::Display::MarkdownSanitize

Defined in:
lib/lcp_ruby/display/markdown_sanitize.rb

Overview

Sanitize allow-list shared between the model-level :markdown renderer (`Display::Renderers::Markdown`) and the page-level `markdown` widget partial (`app/views/lcp_ruby/widgets/_markdown.html.erb`). Both run the same Commonmarker → HTML pipeline and need the same downstream tag/attribute allow-list — defining the constants twice invited drift (a `<details>` tag added to one site but not the other would be a silent rendering inconsistency).

`unsafe:` is deliberately omitted from the Commonmarker options below — raw HTML embedded in the markdown source is stripped at parse time before sanitize ever runs. This module is the second layer of defense; the parser is the first.

Constant Summary

TAGS =

%w[
  p br strong em del s a ul ol li blockquote pre code h1 h2 h3 h4 h5 h6
  table thead tbody tfoot tr th td hr img input div span
].freeze

ATTRIBUTES =

Note: `input` is kept for tasklist checkbox rendering (generated by the Commonmarker tasklist extension). Raw HTML `<input>` from user source is blocked by omitting `unsafe: true` from Commonmarker options.

%w[href src alt title class type checked disabled].freeze

COMMONMARKER_OPTIONS =

Commonmarker extension hash — same on both the renderer and the widget. Frozen so a host extension that wants to add e.g. footnotes creates a new hash rather than mutating the shared default.

{
  extension: { table: true, tasklist: true, strikethrough: true, autolink: true }
}.freeze
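The following is an added illustration, not code from lcp_ruby: a small stand-in filter that applies the `TAGS` / `ATTRIBUTES` allow-list above to HTML fragments so the effect of the second defensive layer is visible on concrete input. The real pipeline hands this job to the Sanitize gem (Nokogiri-based); this toy tokenises tags with a regular expression purely so it runs with no gems installed, and the module name `ToyMarkdownSanitize` and the sample fragments are constructed for the example.

```ruby
# Added example (not lcp_ruby code): what the shared allow-list admits and drops.
# The project's real sanitizer is the Sanitize gem; this regex-based stand-in is
# only a teaching approximation of its tag/attribute filtering.
module ToyMarkdownSanitize
  # Same lists as LcpRuby::Display::MarkdownSanitize.
  TAGS = %w[
    p br strong em del s a ul ol li blockquote pre code h1 h2 h3 h4 h5 h6
    table thead tbody tfoot tr th td hr img input div span
  ].freeze
  ATTRIBUTES = %w[href src alt title class type checked disabled].freeze

  # Elements whose text content is itself executable/styling payload: remove
  # the whole element, not just its tags (mirrors Sanitize's default handling).
  DROP_WITH_CONTENTS = %w[script style].freeze

  # <(/?)(name)(attrs)(/?)>  -- attrs is lazy so a trailing "/" is captured separately.
  TAG_RE  = %r{<(/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*?)(/?)>}
  # name, optionally = "dq" | 'sq' | bare
  ATTR_RE = /([a-zA-Z][\w:-]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/

  # Keep only allow-listed attribute names; everything else (on*, style, ...) is gone.
  def self.filter_attributes(raw_attrs)
    raw_attrs.scan(ATTR_RE).filter_map do |name, dq, sq, bare|
      next unless ATTRIBUTES.include?(name.downcase)
      value = dq || sq || bare
      value.nil? ? " #{name.downcase}" : %( #{name.downcase}="#{value}")
    end.join
  end

  # Returns the fragment with disallowed tags dropped (their text kept),
  # script/style elements removed outright, and attributes filtered.
  def self.sanitize(html)
    drop_re = %r{<(#{DROP_WITH_CONTENTS.join('|')})\b[^>]*>.*?</\1\s*>}mi
    stripped = html.gsub(drop_re, "")
    stripped.gsub(TAG_RE) do
      closing, name, attrs, self_close = $1, $2.downcase, $3, $4
      next "" unless TAGS.include?(name)          # not on the allow-list: tag gone, text stays
      next "</#{name}>" if closing == "/"
      "<#{name}#{filter_attributes(attrs)}#{self_close == '/' ? ' /' : ''}>"
    end
  end
end

# Constructed sample fragments, as a script would render and check them.
if __FILE__ == $PROGRAM_NAME
  [
    '<p>hi <script>alert(1)</script></p>',                # script element removed entirely
    '<img src="a.png" onerror="alert(1)">',               # event-handler attribute dropped
    '<details><summary>x</summary>y</details>',           # the drift example: not allow-listed
    '<input type="checkbox" checked="" disabled="" />'    # tasklist checkbox survives
  ].each { |frag| puts "#{frag}  =>  #{ToyMarkdownSanitize.sanitize(frag)}" }
end
```

Two things this makes visible. First, `<details>` is not in `TAGS`, so content inside it still renders but the element does not, which is exactly the kind of silent inconsistency the shared constant exists to prevent if one site were to add the tag and the other not. Second, the allow-list as listed says nothing about URL schemes in `href` / `src`; in the Sanitize gem that is a separate `:protocols` setting, which is not among the constants on this page, so a host extension should not assume the tag/attribute lists alone constrain link targets.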