diff options
| -rw-r--r-- | lib/pleroma/web/common_api/utils.ex | 3 | ||||
| -rw-r--r-- | lib/pleroma/web/mastodon_api/views/account_view.ex | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/twitter_api/twitter_api_controller.ex | 16 | ||||
| -rw-r--r-- | lib/pleroma/web/twitter_api/views/user_view.ex | 6 | ||||
| -rw-r--r-- | test/web/mastodon_api/account_view_test.exs | 3 | ||||
| -rw-r--r-- | test/web/twitter_api/views/user_view_test.exs | 16 |
6 files changed, 28 insertions, 18 deletions
diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index c7b0d7935..869f4c566 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -64,7 +64,6 @@ defmodule Pleroma.Web.CommonAPI.Utils do def make_content_html(status, mentions, attachments, tags, no_attachment_links \\ false) do status - |> String.replace("\r", "") |> format_input(mentions, tags) |> maybe_add_attachments(attachments, no_attachment_links) end @@ -95,7 +94,7 @@ defmodule Pleroma.Web.CommonAPI.Utils do def format_input(text, mentions, tags) do text |> Formatter.html_escape() - |> String.replace("\n", "<br>") + |> String.replace(~r/\r?\n/, "<br>") |> (&{[], &1}).() |> Formatter.add_links() |> Formatter.add_user_links(mentions) diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index cc5261616..d9edcae7f 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -36,7 +36,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do followers_count: user_info.follower_count, following_count: user_info.following_count, statuses_count: user_info.note_count, - note: user.bio || "", + note: HtmlSanitizeEx.basic_html(user.bio) || "", url: user.ap_id, avatar: image, avatar_static: image, diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 65e67396b..b3a56b27e 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -1,7 +1,9 @@ defmodule Pleroma.Web.TwitterAPI.Controller do use Pleroma.Web, :controller + alias Pleroma.Formatter alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView, ActivityView, NotificationView} alias Pleroma.Web.CommonAPI + alias Pleroma.Web.CommonAPI.Utils, as: CommonUtils alias Pleroma.{Repo, Activity, User, Notification} alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils @@ -411,8 +413,18 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def update_profile(%{assigns: %{user: user}} = conn, params) do params = if bio = params["description"] do - bio_brs = Regex.replace(~r/\r?\n/, bio, "<br>") - Map.put(params, "bio", bio_brs) + mentions = Formatter.parse_mentions(bio) + tags = Formatter.parse_tags(bio) + + emoji = + (user.info["source_data"]["tag"] || []) + |> Enum.filter(fn %{"type" => t} -> t == "Emoji" end) + |> Enum.map(fn %{"icon" => %{"url" => url}, "name" => name} -> + {String.trim(name, ":"), url} + end) + + bio_html = CommonUtils.format_input(bio, mentions, tags) + Map.put(params, "bio", bio_html |> Formatter.emojify(emoji)) else params end diff --git a/lib/pleroma/web/twitter_api/views/user_view.ex b/lib/pleroma/web/twitter_api/views/user_view.ex index 7d0f0e703..25fda1aa8 100644 --- a/lib/pleroma/web/twitter_api/views/user_view.ex +++ b/lib/pleroma/web/twitter_api/views/user_view.ex @@ -36,12 +36,10 @@ defmodule Pleroma.Web.TwitterAPI.UserView do {String.trim(name, ":"), url} end) - bio = HtmlSanitizeEx.strip_tags(user.bio) - data = %{ "created_at" => user.inserted_at |> Utils.format_naive_asctime(), - "description" => bio, - "description_html" => bio |> Formatter.emojify(emoji), + "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), + "description_html" => HtmlSanitizeEx.basic_html(user.bio), "favourites_count" => 0, "followers_count" => user_info[:follower_count], "following" => following, diff --git a/test/web/mastodon_api/account_view_test.exs b/test/web/mastodon_api/account_view_test.exs index 8bf194e6b..35c8a1fb0 100644 --- a/test/web/mastodon_api/account_view_test.exs +++ b/test/web/mastodon_api/account_view_test.exs @@ -20,6 +20,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do info: %{"note_count" => 5, "follower_count" => 3, "source_data" => source_data}, nickname: "shp@shitposter.club", name: ":karjalanpiirakka: shp", + bio: "<script src=\"invalid-html\"></script><span>valid html</span>", inserted_at: ~N[2017-08-15 15:47:06.597036] }) @@ -33,7 +34,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do followers_count: 3, following_count: 0, statuses_count: 5, - note: user.bio, + note: "<span>valid html</span>", url: user.ap_id, avatar: "http://localhost:4001/images/avi.png", avatar_static: "http://localhost:4001/images/avi.png", diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index fefb6bdcc..24a5c5bca 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -65,8 +65,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "name" => user.name, "screen_name" => user.nickname, "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio), - "description_html" => HtmlSanitizeEx.strip_tags(user.bio), + "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), + "description_html" => HtmlSanitizeEx.basic_html(user.bio), "created_at" => user.inserted_at |> Utils.format_naive_asctime(), "favourites_count" => 0, "statuses_count" => 1, @@ -104,8 +104,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "name" => user.name, "screen_name" => user.nickname, "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio), - "description_html" => HtmlSanitizeEx.strip_tags(user.bio), + "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), + "description_html" => HtmlSanitizeEx.basic_html(user.bio), "created_at" => user.inserted_at |> Utils.format_naive_asctime(), "favourites_count" => 0, "statuses_count" => 0, @@ -144,8 +144,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "name" => follower.name, "screen_name" => follower.nickname, "name_html" => follower.name, - "description" => HtmlSanitizeEx.strip_tags(follower.bio), - "description_html" => HtmlSanitizeEx.strip_tags(follower.bio), + "description" => HtmlSanitizeEx.strip_tags(follower.bio |> String.replace("<br>", "\n")), + "description_html" => HtmlSanitizeEx.basic_html(follower.bio), "created_at" => follower.inserted_at |> Utils.format_naive_asctime(), "favourites_count" => 0, "statuses_count" => 0, @@ -191,8 +191,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "name" => user.name, "screen_name" => user.nickname, "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio), - "description_html" => HtmlSanitizeEx.strip_tags(user.bio), + "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), + "description_html" => HtmlSanitizeEx.basic_html(user.bio), "created_at" => user.inserted_at |> Utils.format_naive_asctime(), "favourites_count" => 0, "statuses_count" => 0, |