Support <audio> element

This whitelists the HTML5 <audio> element and adds some basic style to make it look nice.
5 years ago · b0d70d9bdb
parent ba3cb4b4ff
commit b0d70d9bdb
2 changed files with 8 additions and 2 deletions
--- a/less/core.less
+++ b/less/core.less
@ -108,9 +108,13 @@ body {
 		code {
 			.article-code;
 		}
-		img, video {
+		img, video, audio {
 			max-width: 100%;
 		}
+		audio {
+			width: 100%;
+			white-space: initial;
+		}
 		pre {
 			.code-block;

--- a/postrender.go
+++ b/postrender.go
@ -156,10 +156,12 @@ func friendlyPostTitle(content, friendlyId string) string {

 func getSanitizationPolicy() *bluemonday.Policy {
 	policy := bluemonday.UGCPolicy()
-	policy.AllowAttrs("src", "style").OnElements("iframe", "video")
+	policy.AllowAttrs("src", "style").OnElements("iframe", "video", "audio")
+	policy.AllowAttrs("src", "type").OnElements("source")
 	policy.AllowAttrs("frameborder", "width", "height").Matching(bluemonday.Integer).OnElements("iframe")
 	policy.AllowAttrs("allowfullscreen").OnElements("iframe")
 	policy.AllowAttrs("controls", "loop", "muted", "autoplay").OnElements("video")
+	policy.AllowAttrs("controls", "loop", "muted", "autoplay", "preload").OnElements("audio")
 	policy.AllowAttrs("target").OnElements("a")
 	policy.AllowAttrs("style", "class", "id").Globally()
 	policy.AllowURLSchemes("http", "https", "mailto", "xmpp")