Refactor dom sanitizer usage

- Move sanitizer logic into `domSanitizer` file
- Avoid most direct use of dompurify types
- Use clearer names to describe what properties do

Author: mjbvz

src/vs/base/browser/dom.ts

@@ -10,10 +10,9 @@ import { IMouseEvent, StandardMouseEvent } from './mouseEvent.js';
 import { AbstractIdleValue, IntervalTimer, TimeoutTimer, _runWhenIdle, IdleDeadline } from '../common/async.js';
 import { BugIndicatingError, onUnexpectedError } from '../common/errors.js';
 import * as event from '../common/event.js';
-import dompurify from './dompurify/dompurify.js';
 import { KeyCode } from '../common/keyCodes.js';
 import { Disposable, DisposableStore, IDisposable, toDisposable } from '../common/lifecycle.js';
-import { RemoteAuthorities, Schemas } from '../common/network.js';
+import { RemoteAuthorities } from '../common/network.js';
 import * as platform from '../common/platform.js';
 import { URI } from '../common/uri.js';
 import { hash } from '../common/hash.js';
@@ -1652,223 +1651,6 @@ export function detectFullscreen(targetWindow: Window): IDetectedFullscreen | nu
 	return null;
 }
 
-// -- sanitize and trusted html
-
-/**
- * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`
- * attributes are valid.
- */
-export function hookDomPurifyHrefAndSrcSanitizer(allowedProtocols: readonly string[], allowDataImages = false): IDisposable {
-	// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html
-
-	// build an anchor to map URLs to
-	const anchor = document.createElement('a');
-
-	dompurify.addHook('afterSanitizeAttributes', (node) => {
-		// check all href/src attributes for validity
-		for (const attr of ['href', 'src']) {
-			if (node.hasAttribute(attr)) {
-				const attrValue = node.getAttribute(attr) as string;
-				if (attr === 'href' && attrValue.startsWith('#')) {
-					// Allow fragment links
-					continue;
-				}
-
-				anchor.href = attrValue;
-				if (!allowedProtocols.includes(anchor.protocol.replace(/:$/, ''))) {
-					if (allowDataImages && attr === 'src' && anchor.href.startsWith('data:')) {
-						continue;
-					}
-
-					node.removeAttribute(attr);
-				}
-			}
-		}
-	});
-
-	return toDisposable(() => {
-		dompurify.removeHook('afterSanitizeAttributes');
-	});
-}
-
-const defaultSafeProtocols = [
-	Schemas.http,
-	Schemas.https,
-	Schemas.command,
-];
-
-/**
- * List of safe, non-input html tags.
- */
-export const basicMarkupHtmlTags = Object.freeze([
-	'a',
-	'abbr',
-	'b',
-	'bdo',
-	'blockquote',
-	'br',
-	'caption',
-	'cite',
-	'code',
-	'col',
-	'colgroup',
-	'dd',
-	'del',
-	'details',
-	'dfn',
-	'div',
-	'dl',
-	'dt',
-	'em',
-	'figcaption',
-	'figure',
-	'h1',
-	'h2',
-	'h3',
-	'h4',
-	'h5',
-	'h6',
-	'hr',
-	'i',
-	'img',
-	'input',
-	'ins',
-	'kbd',
-	'label',
-	'li',
-	'mark',
-	'ol',
-	'p',
-	'pre',
-	'q',
-	'rp',
-	'rt',
-	'ruby',
-	'samp',
-	'small',
-	'small',
-	'source',
-	'span',
-	'strike',
-	'strong',
-	'sub',
-	'summary',
-	'sup',
-	'table',
-	'tbody',
-	'td',
-	'tfoot',
-	'th',
-	'thead',
-	'time',
-	'tr',
-	'tt',
-	'u',
-	'ul',
-	'var',
-	'video',
-	'wbr',
-]);
-
-export const trustedMathMlTags = Object.freeze([
-	'semantics',
-	'annotation',
-	'math',
-	'menclose',
-	'merror',
-	'mfenced',
-	'mfrac',
-	'mglyph',
-	'mi',
-	'mlabeledtr',
-	'mmultiscripts',
-	'mn',
-	'mo',
-	'mover',
-	'mpadded',
-	'mphantom',
-	'mroot',
-	'mrow',
-	'ms',
-	'mspace',
-	'msqrt',
-	'mstyle',
-	'msub',
-	'msup',
-	'msubsup',
-	'mtable',
-	'mtd',
-	'mtext',
-	'mtr',
-	'munder',
-	'munderover',
-	'mprescripts',
-
-	// svg tags
-	'svg',
-	'altglyph',
-	'altglyphdef',
-	'altglyphitem',
-	'circle',
-	'clippath',
-	'defs',
-	'desc',
-	'ellipse',
-	'filter',
-	'font',
-	'g',
-	'glyph',
-	'glyphref',
-	'hkern',
-	'line',
-	'lineargradient',
-	'marker',
-	'mask',
-	'metadata',
-	'mpath',
-	'path',
-	'pattern',
-	'polygon',
-	'polyline',
-	'radialgradient',
-	'rect',
-	'stop',
-	'style',
-	'switch',
-	'symbol',
-	'text',
-	'textpath',
-	'title',
-	'tref',
-	'tspan',
-	'view',
-	'vkern',
-]);
-
-
-export const defaultAllowedAttrs = Object.freeze(['href', 'data-href', 'data-command', 'target', 'title', 'name', 'src', 'alt', 'class', 'id', 'role', 'tabindex', 'style', 'data-code', 'width', 'height', 'align', 'x-dispatch', 'required', 'checked', 'placeholder', 'type', 'start']);
-
-const defaultDomPurifyConfig = Object.freeze<dompurify.Config & { RETURN_TRUSTED_TYPE: true }>({
-	ALLOWED_TAGS: ['a', 'button', 'blockquote', 'code', 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'input', 'label', 'li', 'p', 'pre', 'select', 'small', 'span', 'strong', 'textarea', 'ul', 'ol'],
-	ALLOWED_ATTR: [...defaultAllowedAttrs],
-	RETURN_DOM: false,
-	RETURN_DOM_FRAGMENT: false,
-	RETURN_TRUSTED_TYPE: true
-});
-
-/**
- * Sanitizes the given `value` and reset the given `node` with it.
- */
-export function safeInnerHtml(node: HTMLElement, value: string, extraDomPurifyConfig?: dompurify.Config): void {
-	const hook = hookDomPurifyHrefAndSrcSanitizer(defaultSafeProtocols);
-	try {
-		const html = dompurify.sanitize(value, { ...defaultDomPurifyConfig, ...extraDomPurifyConfig });
-		node.innerHTML = html as unknown as string;
-	} finally {
-		hook.dispose();
-	}
-}
-
 type ModifierKey = 'alt' | 'ctrl' | 'shift' | 'meta';
 
 export interface IModifierKeyStatus {