From 358f88e10a7d3de0481309287b4b756087490dfc Mon Sep 17 00:00:00 2001
From: William Pitcock
Date: Mon, 10 Sep 2018 00:23:23 +0000
Subject: [PATCH] html: allow inline images by default (because of custom emoji)

---
 config/config.exs | 4 +++-
 lib/pleroma/html.ex | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/config/config.exs b/config/config.exs
index b3889ba12..d5c5b7902 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -77,7 +77,9 @@ config :pleroma, :instance,
 managed_config: true

 config :pleroma, :markup,
- allow_inline_images: false,
+ # XXX - unfortunately, inline images must be enabled by default right now, because
+ # of custom emoji. Issue #275 discusses defanging that somehow.
+ allow_inline_images: true,
 allow_headings: false,
 allow_tables: false,
 allow_fonts: false,
diff --git a/lib/pleroma/html.ex b/lib/pleroma/html.ex
index 1c62f2ccc..107784e70 100644
--- a/lib/pleroma/html.ex
+++ b/lib/pleroma/html.ex
@@ -37,6 +37,21 @@ defmodule Pleroma.HTML.Scrubber.TwitterText do

 # microformats
 Meta.allow_tag_with_these_attributes("span", [])
+
+ # allow inline images for custom emoji
+ @markup Application.get_env(:pleroma, :markup)
+ @allow_inline_images Keyword.get(@markup, :allow_inline_images)
+
+ if @allow_inline_images do
+ Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes)
+
+ Meta.allow_tag_with_these_attributes("img", [
+ "width",
+ "height",
+ "title",
+ "alt"
+ ])
+ end
 end

 defmodule Pleroma.HTML.Scrubber.Default do
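Review bot: The comment above `allow_inline_images: true` says why the default flips but not what an operator accepts by leaving it on. As far as this patch shows, the matching scrubber change in lib/pleroma/html.ex admits any `<img>` whose `src` uses an allowed scheme, not only emoji, so a remote post can make a reader's browser fetch an author-chosen URL. I would extend the comment with `# Security: permits arbitrary remote <img> in rendered posts, which discloses the reader's IP and User-Agent to the image host; set to false to strip them, at the cost of custom emoji.` The `:markup` keyword list continues past the hunk, so other options that interact with this one are not visible here.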
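Review bot: `@markup Application.get_env(:pleroma, :markup)` and the `if @allow_inline_images do` below it are evaluated while the module is compiled, so the `<img>` allowance is baked into the scrubber. A value supplied at runtime (for example in a release) is not picked up, and an operator who turns the option off there may believe images are stripped when they are not. The lookup also raises at compile time if `:markup` is not configured, because `Keyword.get` is handed `nil`. I would make it fail closed with `@markup Application.get_env(:pleroma, :markup, [])` and `@allow_inline_images Keyword.get(@markup, :allow_inline_images, false)`, and add the comment `# read at compile time: recompile after changing :allow_inline_images`. The module starts above the hunk, so what `@valid_schemes` contains is not visible here.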