Files
FabledCurator/backend/app/utils/html_sanitize.py
T
bvandeusen 96c29c370b
CI / lint (push) Successful in 2s
CI / frontend-build (push) Successful in 22s
CI / backend-lint-and-test (push) Successful in 38s
CI / integration (push) Successful in 3m14s
feat(ingest): localize inline post-body images to local copies (Phase 2)
Render a post body faithfully by serving our stored copies of inline
images instead of hotlinking the public CDN. The join key is the CDN
filehash (32-hex MD5) shared between a body <img src> and the media URL
we downloaded (the same identity extract_media dedups by):

- utils.paths.filehash_from_url — one source of truth for the extractor;
  patreon_client._filehash now delegates so capture- and render-time
  hashing cannot drift.
- ImageRecord gains source_url (provenance) + source_filehash (indexed
  match key); migration 0051.
- the per-media sidecar carries the file's source_url; the importer
  persists it (NULL-only) on the ImageRecord via _apply_sidecar.
- post_feed_service.get_post remaps body <img src> -> /images/<path> for
  every inline image whose filehash maps to a stored image of THIS
  artist; unmatched / pre-Phase-2 images keep hotlinking.

Pre-existing on-disk images have no filehash yet, so they fall back to
hotlinking until re-downloaded; localization is forward-looking.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-14 16:39:58 -04:00

91 lines
3.4 KiB
Python

"""Backend HTML sanitization for scraped Post.description.
Provenance descriptions come from gallery-dl (untrusted third-party HTML).
We render them via v-html in the UI sub-slice, so they MUST be sanitized
server-side to a tight allowlist. nh3 (Rust/ammonia bindings) is used;
bleach is deprecated upstream and intentionally not used.
"""
import re
import nh3
# A faithful-but-safe set: enough to reproduce the SEMANTIC look of a scraped
# post body (headings, lists, quotes, code, inline images, links, line breaks +
# inline emphasis) without layout-injection wrappers. `div`/`span` are
# deliberately NOT allowed — their text is preserved by nh3 and they only carry
# source-site layout/styling we don't want to import (a test pins this).
ALLOWED_TAGS = {
"p", "a", "br", "em", "strong", "b", "i", "u", "s",
"ul", "ol", "li", "blockquote",
"h1", "h2", "h3", "h4", "h5", "h6", "hr",
"pre", "code", "img", "figure", "figcaption",
}
ALLOWED_ATTRIBUTES = {
"a": {"href", "title", "target"},
"img": {"src", "alt", "title", "width", "height"},
}
# http/https for hotlinked source images today; relative URLs (e.g. a local
# `/api/...` src once inline images are captured) pass through nh3 untouched.
ALLOWED_URL_SCHEMES = {"http", "https"}
def sanitize_post_html(raw: str | None) -> str | None:
"""Return sanitized HTML, or None for null/empty/whitespace input.
- keeps only ALLOWED_TAGS / ALLOWED_ATTRIBUTES
- only http/https hrefs survive (javascript: etc. dropped)
- <script> content removed entirely
- all <a> get rel="noopener noreferrer" (nh3 default link_rel)
- never raises
"""
if raw is None:
return None
stripped = raw.strip()
if not stripped:
return None
return nh3.clean(
stripped,
tags=ALLOWED_TAGS,
attributes=ALLOWED_ATTRIBUTES,
url_schemes=ALLOWED_URL_SCHEMES,
link_rel="noopener noreferrer",
clean_content_tags={"script", "style"},
)
# nh3 emits attributes double-quoted, so a single `src="..."` capture is enough
# to read/rewrite inline-image sources on already-sanitized markup (#830 Phase 2).
_IMG_SRC_RE = re.compile(r'(<img\b[^>]*?\bsrc=")([^"]*)(")', re.IGNORECASE)
def extract_img_srcs(html: str | None) -> list[str]:
"""The raw `src` values of every <img> in `html`, in document order, deduped
(first kept). Returned EXACTLY as they appear (still entity-escaped) so a
caller can match them back for verbatim substitution."""
if not html:
return []
out: list[str] = []
seen: set[str] = set()
for _pre, src, _post in _IMG_SRC_RE.findall(html):
if src and src not in seen:
seen.add(src)
out.append(src)
return out
def rewrite_img_srcs(html: str | None, replace: dict[str, str]) -> str | None:
"""Swap each <img src> whose raw (as-in-HTML) value is a key in `replace`
with the mapped value; others are left untouched. Used to point a post body's
inline images at locally-served copies (#830 Phase 2). Operates only on src
values of already-sanitized markup, so the result stays within the allowlist.
Returns `html` unchanged when it or `replace` is empty."""
if not html or not replace:
return html
def _sub(m: re.Match) -> str:
pre, src, post = m.group(1), m.group(2), m.group(3)
return f"{pre}{replace.get(src, src)}{post}"
return _IMG_SRC_RE.sub(_sub, html)