sjw
/
pleroma
mirror of https://git.pleroma.social/sjw/pleroma.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Strip html from emoji stuff.

This commit is contained in:
lain 2018-03-23 19:52:08 +01:00
parent 5da2355e71
commit fbe9aa3506
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/pleroma/formatter.ex
View File

@ -132,6 +132,8 @@ defmodule Pleroma.Formatter do
end
Enum.reduce(all_emoji, text, fn ({emoji, file}, text) ->
emoji = HtmlSanitizeEx.strip_tags(emoji)
file = HtmlSanitizeEx.strip_tags(file)
String.replace(text, ":#{emoji}:", "<img height='32px' width='32px' alt='#{emoji}' title='#{emoji}' src='#{MediaProxy.url(file)}' />")
end)
end

6
lib/pleroma/web/mastodon_api/views/status_view.ex
View File

@ -77,7 +77,11 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
reply_to_user = reply_to && User.get_cached_by_ap_id(reply_to.data["actor"])
emojis = (activity.data["object"]["emoji"] || [])
|> Enum.map(fn {name, url} -> %{ shortcode: name, url: url, static_url: url } end)
|> Enum.map(fn {name, url} ->
name = HtmlSanitizeEx.strip_tags(name)
url = HtmlSanitizeEx.strip_tags(url)
%{ shortcode: name, url: url, static_url: url }
end)
%{
id: to_string(activity.id),