| author | 2022-05-26 11:37:13 +0200 | |
|---|---|---|
| committer | 2022-05-26 11:37:13 +0200 | |
| commit | 5668ce1ec701ed12eb099020e8a322de08e6f810 (patch) | |
| tree | f056890ae94f464176750be17b06292c5b9160d7 /internal/processing/status | |
| parent | [security] Set SameSite to `strict` instead of browser default (#606) (diff) | |
| download | gotosocial-5668ce1ec701ed12eb099020e8a322de08e6f810.tar.xz | |
[bugfix] Fix HTML escaping in instance title (#607)
* move caption sanitization -> sanitize.go
* use sanitizeplaintext rather than removehtml
* rename sanitizecaption to sanitizeplaintext
* avoid removing html twice from statuses
* unexport removeHTML
it's no longer used outside the text package so this
makes it less confusing
* test instance PATCH
Diffstat (limited to 'internal/processing/status')
| -rw-r--r-- | internal/processing/status/create.go | 2 | ||||
| -rw-r--r-- | internal/processing/status/util.go | 8 | 
2 files changed, 3 insertions, 7 deletions
| diff --git a/internal/processing/status/create.go b/internal/processing/status/create.go
index add8a5bc6..e5f6e9647 100644
--- a/internal/processing/status/create.go
+++ b/internal/processing/status/create.go
@@ -49,7 +49,7 @@ func (p *processor) Create(ctx context.Context, account *gtsmodel.Account, appli
 		Local:                    true,
 		AccountID:                account.ID,
 		AccountURI:               account.URI,
-		ContentWarning:           text.SanitizeCaption(form.SpoilerText),
+		ContentWarning:           text.SanitizePlaintext(form.SpoilerText),
 		ActivityStreamsType:      ap.ObjectNote,
 		Sensitive:                form.Sensitive,
 		Language:                 form.Language,
diff --git a/internal/processing/status/util.go b/internal/processing/status/util.go
index 190d88f1b..df645189e 100644
--- a/internal/processing/status/util.go
+++ b/internal/processing/status/util.go
@@ -27,7 +27,6 @@ import (
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
-	"github.com/superseriousbusiness/gotosocial/internal/text"
 	"github.com/superseriousbusiness/gotosocial/internal/util"
 )
@@ -269,16 +268,13 @@ func (p *processor) ProcessContent(ctx context.Context, form *apimodel.AdvancedS
 		form.Format = apimodel.StatusFormatDefault
 	}
-	// remove any existing html from the status
-	content := text.RemoveHTML(form.Status)
-
 	// parse content out of the status depending on what format has been submitted
 	var formatted string
 	switch form.Format {
 	case apimodel.StatusFormatPlain:
-		formatted = p.formatter.FromPlain(ctx, content, status.Mentions, status.Tags)
+		formatted = p.formatter.FromPlain(ctx, form.Status, status.Mentions, status.Tags)
 	case apimodel.StatusFormatMarkdown:
-		formatted = p.formatter.FromMarkdown(ctx, content, status.Mentions, status.Tags)
+		formatted = p.formatter.FromMarkdown(ctx, form.Status, status.Mentions, status.Tags)
 	default:
 		return fmt.Errorf("format %s not recognised as a valid status format", form.Format)
 	} |
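Review bot: With the `text.RemoveHTML` pre-pass gone, `ProcessContent` passes `form.Status` to `p.formatter.FromPlain` and `p.formatter.FromMarkdown` unmodified, so the formatter is now the only place where submitted HTML is neutralised, and nothing in this hunk records that dependency. The commit message implies both formatters already strip HTML, but their bodies are not part of this diff; it is worth confirming that the markdown path sanitises the rendered output and not just the input, since markdown renderers commonly pass inline HTML through. I would add a comment above the switch, for example `// form.Status is passed raw: the formatter is responsible for sanitizing any HTML it contains`, and a test asserting that a status containing HTML tags comes out sanitised for both `StatusFormatPlain` and `StatusFormatMarkdown`. `ProcessContent` starts before and continues past this hunk.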
