1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
package format
import (
"html"
"regexp"
"strings"
)
func SanitizeHTML(htmlContent string) string {
// Remove dangerous tags
htmlContent = removeDangerousTags(htmlContent)
// Remove inline event handlers
htmlContent = removeEventHandlers(htmlContent)
// Remove javascript: protocol
htmlContent = removeJavascriptProtocol(htmlContent)
// Sanitize styles
htmlContent = sanitizeStyles(htmlContent)
return htmlContent
}
func removeDangerousTags(html string) string {
dangerousTags := []string{
"script", "iframe", "object", "embed", "applet",
"meta", "link", "base", "form", "input", "button",
}
for _, tag := range dangerousTags {
regex := regexp.MustCompile(`(?i)<` + tag + `[^>]*>[\s\S]*?</` + tag + `>`)
html = regex.ReplaceAllString(html, "")
regex = regexp.MustCompile(`(?i)<` + tag + `[^>]*>`)
html = regex.ReplaceAllString(html, "")
}
return html
}
func removeEventHandlers(html string) string {
eventHandlers := regexp.MustCompile(`(?i)\s*on\w+\s*=\s*["'][^"']*["']`)
return eventHandlers.ReplaceAllString(html, "")
}
func removeJavascriptProtocol(html string) string {
jsProtocol := regexp.MustCompile(`(?i)javascript:`)
return jsProtocol.ReplaceAllString(html, "")
}
func sanitizeStyles(html string) string {
// Remove dangerous CSS properties
dangerousStyles := []string{"behavior", "expression", "binding", "import", "moz-binding"}
for _, style := range dangerousStyles {
regex := regexp.MustCompile(`(?i)` + style + `\s*:\s*[^;]+;?`)
html = regex.ReplaceAllString(html, "")
}
return html
}
func GenerateSnippet(bodyText, bodyHTML string) string {
text := bodyText
if text == "" && bodyHTML != "" {
text = StripHTML(bodyHTML)
}
text = strings.TrimSpace(text)
if len(text) > 150 {
text = text[:150] + "..."
}
return text
}
func StripHTML(html string) string {
text := html
styleRegex := regexp.MustCompile(`(?i)<style[^>]*>[\s\S]*?</style>`)
text = styleRegex.ReplaceAllString(text, "")
scriptRegex := regexp.MustCompile(`(?i)<script[^>]*>[\s\S]*?</script>`)
text = scriptRegex.ReplaceAllString(text, "")
headRegex := regexp.MustCompile(`(?i)<head[^>]*>[\s\S]*?</head>`)
text = headRegex.ReplaceAllString(text, "")
text = strings.ReplaceAll(text, "<br>", "\n")
text = strings.ReplaceAll(text, "<br/>", "\n")
text = strings.ReplaceAll(text, "<br />", "\n")
text = strings.ReplaceAll(text, "</p>", "\n\n")
text = strings.ReplaceAll(text, "</div>", "\n")
text = strings.ReplaceAll(text, "</tr>", "\n")
text = strings.ReplaceAll(text, "</h1>", "\n")
text = strings.ReplaceAll(text, "</h2>", "\n")
text = strings.ReplaceAll(text, "</h3>", "\n")
text = strings.ReplaceAll(text, "</li>", "\n")
inTag := false
var result strings.Builder
for _, char := range text {
if char == '<' {
inTag = true
continue
}
if char == '>' {
inTag = false
continue
}
if !inTag {
result.WriteRune(char)
}
}
cleanText := result.String()
lines := strings.Split(cleanText, "\n")
var cleanLines []string
for _, line := range lines {
line = strings.TrimSpace(line)
if line != "" {
cleanLines = append(cleanLines, line)
}
}
return strings.TrimSpace(strings.Join(cleanLines, " "))
}
func DecodeHTML(text string) string {
return html.UnescapeString(text)
}
|
