Merge branch 'sanitize-bio' into 'develop'
mastodon api: sanitize the bio HTML See merge request pleroma/pleroma!282
This commit is contained in:
commit
a6d4cc8917
@ -36,7 +36,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
||||
followers_count: user_info.follower_count,
|
||||
following_count: user_info.following_count,
|
||||
statuses_count: user_info.note_count,
|
||||
note: user.bio || "",
|
||||
note: HtmlSanitizeEx.basic_html(user.bio) || "",
|
||||
url: user.ap_id,
|
||||
avatar: image,
|
||||
avatar_static: image,
|
||||
|
@ -20,6 +20,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
|
||||
info: %{"note_count" => 5, "follower_count" => 3, "source_data" => source_data},
|
||||
nickname: "shp@shitposter.club",
|
||||
name: ":karjalanpiirakka: shp",
|
||||
bio: "<script src=\"invalid-html\"></script><span>valid html</span>",
|
||||
inserted_at: ~N[2017-08-15 15:47:06.597036]
|
||||
})
|
||||
|
||||
@ -33,7 +34,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
|
||||
followers_count: 3,
|
||||
following_count: 0,
|
||||
statuses_count: 5,
|
||||
note: user.bio,
|
||||
note: "<span>valid html</span>",
|
||||
url: user.ap_id,
|
||||
avatar: "http://localhost:4001/images/avi.png",
|
||||
avatar_static: "http://localhost:4001/images/avi.png",
|
||||
|
Loading…
Reference in New Issue
Block a user