Use strong_memoize to customize the SanitizationFilter whitelist

I never liked the hacky `customized?` method anyway, so this is cleaner.

Use strong_memoize to customize the SanitizationFilter whitelist
I never liked the hacky `customized?` method anyway, so this is cleaner.
d699362a · Robert Speicher · 89bffe08 · d699362a
Commit d699362a authored Jul 03, 2018 by Robert Speicher
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 12 deletions

lib/banzai/filter/sanitization_filter.rb lib/banzai/filter/sanitization_filter.rb +5 -12

No files found.
--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -4,27 +4,20 @@ module Banzai
    #
    # Extends HTML::Pipeline::SanitizationFilter with a custom whitelist.
    class SanitizationFilter < HTML::Pipeline::SanitizationFilter
+      include Gitlab::Utils::StrongMemoize
+
      UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze
      TABLE_ALIGNMENT_PATTERN = /text-align: (?<alignment>center|left|right)/

      def whitelist
-        whitelist = super.dup
-
-        customize_whitelist(whitelist)
-
-        whitelist
+        strong_memoize(:whitelist) do
+          customize_whitelist(super.dup)
+        end
      end

      private

-      def customized?(transformers)
-        transformers.last.source_location[0] == __FILE__
-      end
-
      def customize_whitelist(whitelist)
-        # Only push these customizations once
-        return if customized?(whitelist[:transformers])
-
        # Allow table alignment; we whitelist specific text-align values in a
        # transformer below
        whitelist[:attributes]['th'] = %w(style)