update embed-to-anchor

Author: visualjerk

package.json

@@ -53,7 +53,6 @@
   },
   "dependencies": {
     "body-parser": "~1.18.2",
-    "cheerio": "^1.0.0-rc.2",
     "compression": "~1.7.1",
     "cors": "~2.8.4",
     "crypto": "~1.0.1",
@@ -103,7 +102,7 @@
     "mongoose": "~4.13.2",
     "multer": "~1.3.0",
     "node-sass": "~4.7.2",
-    "quill-url-embeds": "^1.0.6",
+    "quill-url-embeds": "^1.0.9",
     "raven": "~2.4.0",
     "request": "~2.83.0",
     "request-promise": "~4.2.2",

server/hooks/xss.js

@@ -1,19 +1,10 @@
 const sanitizeHtml = require('sanitize-html');
-// const utils = require('quill-url-embeds');
+const embedToAnchor = require('quill-url-embeds/dist/embed-to-anchor');
 const _ = require('lodash');
-const cheerio = require('cheerio');
 
 function clean (dirty) {
   // Convert embeds to a-tags
-  // dirty = utils.embedToAnchor(dirty);
-  const $ = cheerio.load(dirty);
-  $('div[data-url-embed]').each((i, el) => {
-    let url = el.attribs['data-url-embed'];
-    let aTag = $(`<a href="${url}" target="_blank" data-url-embed>${url}</a>`);
-    $(el).replaceWith(aTag);
-  })
-  dirty = $('body').html();
-
+  dirty = embedToAnchor(dirty);
   dirty = sanitizeHtml(dirty, {
     allowedTags: ['iframe', 'img', 'p', 'br', 'b', 'i', 'em', 'strong', 'a', 'pre', 'ul', 'li', 'ol', 'span'],
     allowedAttributes: {

yarn.lock

@@ -4405,9 +4405,9 @@ quill-delta@^3.6.2:
     extend "^3.0.1"
     fast-diff "1.1.2"
 
-quill-url-embeds@^1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/quill-url-embeds/-/quill-url-embeds-1.0.6.tgz#e2b9f8ea73d254efd5f90578c79210e787fad068"
+quill-url-embeds@^1.0.9:
+  version "1.0.9"
+  resolved "https://registry.yarnpkg.com/quill-url-embeds/-/quill-url-embeds-1.0.9.tgz#883b5c3ae07f29eb7ee36d98f89a403f1314f7c8"
   dependencies:
     axios "^0.18.0"
     babel-polyfill "^6.26.0"