diff --git a/lib/redmine/wiki_formatting/common_mark/formatter.rb b/lib/redmine/wiki_formatting/common_mark/formatter.rb index 9ef52692e..816fc4395 100644 --- a/lib/redmine/wiki_formatting/common_mark/formatter.rb +++ b/lib/redmine/wiki_formatting/common_mark/formatter.rb @@ -73,9 +73,13 @@ module Redmine html = MarkdownFilter.new(@text, PIPELINE_CONFIG).call fragment = Redmine::WikiFormatting::HtmlParser.parse(html) SANITIZER.call(fragment) - SCRUBBERS.each do |scrubber| - fragment.scrub!(scrubber) + scrubber = Loofah::Scrubber.new do |node| + SCRUBBERS.each do |s| + s.scrub(node) + break if node.parent.nil? + end end + fragment.scrub!(scrubber) fragment.to_s end end diff --git a/lib/redmine/wiki_formatting/html_sanitizer.rb b/lib/redmine/wiki_formatting/html_sanitizer.rb index d818687b0..e512d7788 100644 --- a/lib/redmine/wiki_formatting/html_sanitizer.rb +++ b/lib/redmine/wiki_formatting/html_sanitizer.rb @@ -27,9 +27,13 @@ module Redmine def self.call(html) fragment = HtmlParser.parse(html) SANITIZER.call(fragment) - SCRUBBERS.each do |scrubber| - fragment.scrub!(scrubber) + scrubber = Loofah::Scrubber.new do |node| + SCRUBBERS.each do |s| + s.scrub(node) + break if node.parent.nil? + end end + fragment.scrub!(scrubber) fragment.to_s end end diff --git a/lib/redmine/wiki_formatting/textile/formatter.rb b/lib/redmine/wiki_formatting/textile/formatter.rb index 57d8dbab4..39f9fd15e 100644 --- a/lib/redmine/wiki_formatting/textile/formatter.rb +++ b/lib/redmine/wiki_formatting/textile/formatter.rb @@ -39,9 +39,13 @@ module Redmine def to_html(*rules) html = @filter.to_html(rules) fragment = Loofah.html5_fragment(html) - SCRUBBERS.each do |scrubber| - fragment.scrub!(scrubber) + scrubber = Loofah::Scrubber.new do |node| + SCRUBBERS.each do |s| + s.scrub(node) + break if node.parent.nil? + end end + fragment.scrub!(scrubber) fragment.to_s end end