diff options
| author | eal <eal@waifu.club> | 2017-11-18 14:43:41 +0200 |
|---|---|---|
| committer | eal <eal@waifu.club> | 2017-11-18 14:43:41 +0200 |
| commit | 66e78c3ec4e524a31a4c12f4dbe682ccbbc0025d (patch) | |
| tree | f30c92d99205b311222c3a5a14e189e4f8d576f5 /lib | |
| parent | 4647bcd6e647ad31ba492a6e712721b58bf47e83 (diff) | |
| download | pleroma-66e78c3ec4e524a31a4c12f4dbe682ccbbc0025d.tar.gz | |
Escape HTML instead of discarding it.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/common_api/utils.ex | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 83a656011..21b6226b1 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -58,7 +58,8 @@ defmodule Pleroma.Web.CommonAPI.Utils do end def format_input(text, mentions, tags) do - HtmlSanitizeEx.strip_tags(text) + Phoenix.HTML.html_escape(text) + |> elem(1) |> Formatter.linkify |> String.replace("\n", "<br>\n") |> add_user_links(mentions) |