From b56d147ddbfda06f68f2b7b9436af6c262a9a2c1 Mon Sep 17 00:00:00 2001
From: Jack Reed <phillipjreed@gmail.com>
Date: Wed, 13 May 2020 16:54:37 -0600
Subject: [PATCH] Enable configurable HTML sanitization ruleset for annotation
 display fixes #2871

---
 src/components/CanvasAnnotations.js | 9 +++++++--
 src/config/settings.js              | 1 +
 src/containers/CanvasAnnotations.js | 1 +
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/components/CanvasAnnotations.js b/src/components/CanvasAnnotations.js
index e6ab55da8..983d090c9 100644
--- a/src/components/CanvasAnnotations.js
+++ b/src/components/CanvasAnnotations.js
@@ -58,7 +58,7 @@ export class CanvasAnnotations extends Component {
   render() {
     const {
       annotations, classes, index, label, selectedAnnotationIds, t, totalSize,
-      listContainerComponent,
+      listContainerComponent, htmlSanitizationRuleSet,
     } = this.props;
     if (annotations.length === 0) return <></>;
 
@@ -84,7 +84,10 @@ export class CanvasAnnotations extends Component {
                 onMouseLeave={this.handleAnnotationUnHighlight}
               >
                 <ListItemText primaryTypographyProps={{ variant: 'body2' }}>
-                  <SanitizedHtml ruleSet="iiif" htmlString={annotation.content} />
+                  <SanitizedHtml
+                    ruleSet={htmlSanitizationRuleSet}
+                    htmlString={annotation.content}
+                  />
                 </ListItemText>
               </ListItem>
             ))
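Review bot: The rule set name passed to `SanitizedHtml` in this hunk is now an arbitrary configured string, and nothing in the patch checks that it names a rule set that actually exists. `annotation.content` is presumably markup supplied by annotation sources rather than by the viewer, and `SanitizedHtml` is outside this diff, so confirm that an unknown or misspelled name falls back to a restrictive set rather than a permissive one. The same concern applies to the propTypes hunk, where `htmlSanitizationRuleSet: PropTypes.string` could be narrowed to `PropTypes.oneOf([...])` over the names defined in `src/lib/htmlRules.js`. It also applies to the defaultProps hunk, whose `'iiif'` default only takes effect when the prop is `undefined`, not when the config supplies `null`. The diffstat lists no test file, so a test that renders with a non-default rule set, and one with an unrecognised name, would be worth adding.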
@@ -106,6 +109,7 @@ CanvasAnnotations.propTypes = {
   classes: PropTypes.objectOf(PropTypes.string),
   deselectAnnotation: PropTypes.func.isRequired,
   highlightAnnotation: PropTypes.func.isRequired,
+  htmlSanitizationRuleSet: PropTypes.string,
   index: PropTypes.number.isRequired,
   label: PropTypes.string.isRequired,
   listContainerComponent: PropTypes.elementType,
@@ -118,6 +122,7 @@ CanvasAnnotations.propTypes = {
 CanvasAnnotations.defaultProps = {
   annotations: [],
   classes: {},
+  htmlSanitizationRuleSet: 'iiif',
   listContainerComponent: 'li',
   selectedAnnotationIds: [],
 };
diff --git a/src/config/settings.js b/src/config/settings.js
index c2d5d9baf..a81460c65 100644
--- a/src/config/settings.js
+++ b/src/config/settings.js
@@ -215,6 +215,7 @@ export default {
     it: "Italiano",
   },
   annotations: {
+    htmlSanitizationRuleSet: 'iiif', // See src/lib/htmlRules.js for acceptable values
     filteredMotivations: ['oa:commenting', 'sc:painting', 'commenting'],
   },
   classPrefix: 'mirador',
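Review bot: The new comment on `htmlSanitizationRuleSet` in the `annotations` block says where the accepted values live, but not that the setting controls how much annotation HTML survives sanitization before display. An integrator changing it should be able to see from the config file that it is security-relevant. I would expand the comment to `// Rule set used to sanitize annotation HTML before display; values are defined in src/lib/htmlRules.js. Less restrictive sets allow more markup from annotation sources.` The enclosing default export starts and ends outside the hunk.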
diff --git a/src/containers/CanvasAnnotations.js b/src/containers/CanvasAnnotations.js
index 5b5a3986e..67d5a803f 100644
--- a/src/containers/CanvasAnnotations.js
+++ b/src/containers/CanvasAnnotations.js
@@ -32,6 +32,7 @@ const mapStateToProps = (state, { canvasId, windowId }) => ({
       state, { canvasId, motivations: state.config.annotations.filteredMotivations, windowId },
     ),
   ),
+  htmlSanitizationRuleSet: state.config.annotations.htmlSanitizationRuleSet,
   label: getCanvasLabel(state, {
     canvasId,
     windowId,
-- 
GitLab