Disable inline images (!218) · Merge requests · Soapbox / Rebased

Alex Gleason requested to merge disable-inline-images into develop Nov 26, 2022

See thread for context: https://gleasonator.com/@alex/posts/AQ0bhAhsZR7PqNTCjY

Also:

https://akkoma.dev/AkkomaGang/akkoma/pulls/316
https://akkoma.dev/AkkomaGang/akkoma/commit/a8f3cf65637c91dad613d2dbeae86664437ffbbd

The actual fix is to disable inline images, which would also fix:

soapbox#1171 (closed)
Duplicate images from Hubzilla

Sanitizing posts before they hit the database is probably also a good idea, but I'm not sure about enabling the NormalizeMarkup MRF just yet, as it hasn't been updated in years and probably needs a guard on object type.

Status content already gets sanitized by StatusView before it gets served through the API.
Chat messages already get sanitized by the Validator.

We should probably move sanitization code to the validators, get rid of the MRF, and don't sanitize things twice in StatusView. That would boost performance ever so slightly.

Edited Nov 26, 2022 by Alex Gleason

Disable inline images

Merge request reports