escape attachment urls on creation.
This commit is contained in:
parent
a32784fe6d
commit
7d34cec58d
@ -12,7 +12,7 @@ defmodule Pleroma.Web.TwitterAPI.Utils do
|
|||||||
def add_attachments(text, attachments) do
|
def add_attachments(text, attachments) do
|
||||||
attachment_text = Enum.map(attachments, fn
|
attachment_text = Enum.map(attachments, fn
|
||||||
(%{"url" => [%{"href" => href} | _]}) ->
|
(%{"url" => [%{"href" => href} | _]}) ->
|
||||||
"<a href=\"#{URI.encode(href)}\" class='attachment'>#{Path.basename(href)}</a>"
|
"<a href=\"#{href}\" class='attachment'>#{Path.basename(href)}</a>"
|
||||||
_ -> ""
|
_ -> ""
|
||||||
end)
|
end)
|
||||||
Enum.join([text | attachment_text], "<br>\n")
|
Enum.join([text | attachment_text], "<br>\n")
|
||||||
|
@ -9,6 +9,6 @@ defmodule Pleroma.Web.TwitterAPI.UtilsTest do
|
|||||||
|
|
||||||
res = Utils.add_attachments("", [attachment])
|
res = Utils.add_attachments("", [attachment])
|
||||||
|
|
||||||
assert res == "<br>\n<a href=\"http://heise.de/i%22m%20a%20boy.png\" class='attachment'>i\"m a boy.png</a>"
|
assert res == "<br>\n<a href=\"http://heise.de/i\"m a boy.png\" class='attachment'>i\"m a boy.png</a>"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user