Files
github--github-mcp-server/pkg/sanitize/sanitize.go
T
2026-07-13 12:37:57 +08:00

210 lines
4.5 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package sanitize
import (
"strings"
"sync"
"unicode"
"github.com/microcosm-cc/bluemonday"
)
var policy *bluemonday.Policy
var policyOnce sync.Once
func Sanitize(input string) string {
return FilterHTMLTags(FilterCodeFenceMetadata(FilterInvisibleCharacters(input)))
}
// FilterInvisibleCharacters removes invisible or control characters that should not appear
// in user-facing titles or bodies. This includes:
// - Unicode tag characters: U+E0001, U+E0020U+E007F
// - BiDi control characters: U+202AU+202E, U+2066U+2069
// - Hidden modifier characters: U+200B, U+200C, U+200E, U+200F, U+00AD, U+FEFF, U+180E, U+2060U+2064
func FilterInvisibleCharacters(input string) string {
if input == "" {
return input
}
// Filter runes
out := make([]rune, 0, len(input))
for _, r := range input {
if !shouldRemoveRune(r) {
out = append(out, r)
}
}
return string(out)
}
func FilterHTMLTags(input string) string {
if input == "" {
return input
}
return getPolicy().Sanitize(input)
}
// FilterCodeFenceMetadata removes hidden or suspicious info strings from fenced code blocks.
func FilterCodeFenceMetadata(input string) string {
if input == "" {
return input
}
lines := strings.Split(input, "\n")
insideFence := false
currentFenceLen := 0
for i, line := range lines {
sanitized, toggled, fenceLen := sanitizeCodeFenceLine(line, insideFence, currentFenceLen)
lines[i] = sanitized
if toggled {
insideFence = !insideFence
if insideFence {
currentFenceLen = fenceLen
} else {
currentFenceLen = 0
}
}
}
return strings.Join(lines, "\n")
}
const maxCodeFenceInfoLength = 48
func sanitizeCodeFenceLine(line string, insideFence bool, expectedFenceLen int) (string, bool, int) {
idx := strings.Index(line, "```")
if idx == -1 {
return line, false, expectedFenceLen
}
if hasNonWhitespace(line[:idx]) {
return line, false, expectedFenceLen
}
fenceEnd := idx
for fenceEnd < len(line) && line[fenceEnd] == '`' {
fenceEnd++
}
fenceLen := fenceEnd - idx
if fenceLen < 3 {
return line, false, expectedFenceLen
}
rest := line[fenceEnd:]
if insideFence {
if expectedFenceLen != 0 && fenceLen != expectedFenceLen {
return line, false, expectedFenceLen
}
return line[:fenceEnd], true, fenceLen
}
trimmed := strings.TrimSpace(rest)
if trimmed == "" {
return line[:fenceEnd], true, fenceLen
}
if strings.IndexFunc(trimmed, unicode.IsSpace) != -1 {
return line[:fenceEnd], true, fenceLen
}
if len(trimmed) > maxCodeFenceInfoLength {
return line[:fenceEnd], true, fenceLen
}
if !isSafeCodeFenceToken(trimmed) {
return line[:fenceEnd], true, fenceLen
}
if len(rest) > 0 && unicode.IsSpace(rune(rest[0])) {
return line[:fenceEnd] + " " + trimmed, true, fenceLen
}
return line[:fenceEnd] + trimmed, true, fenceLen
}
func hasNonWhitespace(segment string) bool {
for _, r := range segment {
if !unicode.IsSpace(r) {
return true
}
}
return false
}
func isSafeCodeFenceToken(token string) bool {
for _, r := range token {
if unicode.IsLetter(r) || unicode.IsDigit(r) {
continue
}
switch r {
case '+', '-', '_', '#', '.':
continue
}
return false
}
return true
}
func getPolicy() *bluemonday.Policy {
policyOnce.Do(func() {
p := bluemonday.StrictPolicy()
p.AllowElements(
"b", "blockquote", "br", "code", "em",
"h1", "h2", "h3", "h4", "h5", "h6",
"hr", "i", "li", "ol", "p", "pre",
"strong", "sub", "sup", "table", "tbody",
"td", "th", "thead", "tr", "ul",
"a", "img",
)
p.AllowAttrs("href").OnElements("a")
p.AllowURLSchemes("http", "https")
p.RequireParseableURLs(true)
p.RequireNoFollowOnLinks(true)
p.RequireNoReferrerOnLinks(true)
p.AddTargetBlankToFullyQualifiedLinks(true)
p.AllowImages()
p.AllowAttrs("src", "alt", "title").OnElements("img")
policy = p
})
return policy
}
func shouldRemoveRune(r rune) bool {
switch r {
case 0x200B, // ZERO WIDTH SPACE
0x200C, // ZERO WIDTH NON-JOINER
0x200E, // LEFT-TO-RIGHT MARK
0x200F, // RIGHT-TO-LEFT MARK
0x00AD, // SOFT HYPHEN
0xFEFF, // ZERO WIDTH NO-BREAK SPACE
0x180E: // MONGOLIAN VOWEL SEPARATOR
return true
case 0xE0001: // TAG
return true
}
// Ranges
// Unicode tags: U+E0020U+E007F
if r >= 0xE0020 && r <= 0xE007F {
return true
}
// BiDi controls: U+202AU+202E
if r >= 0x202A && r <= 0x202E {
return true
}
// BiDi isolates: U+2066U+2069
if r >= 0x2066 && r <= 0x2069 {
return true
}
// Hidden modifiers: U+2060U+2064
if r >= 0x2060 && r <= 0x2064 {
return true
}
return false
}