7 files changed, 9 insertions, 13 deletions

diff --git a/internal/processing/account/create.go b/internal/processing/account/create.go
index bbca11fae..61c4f95ef 100644
--- a/internal/processing/account/create.go
+++ b/internal/processing/account/create.go
@@ -64,7 +64,7 @@ func (p *processor) Create(ctx context.Context, applicationToken oauth2.TokenInf
 	}
 
 	l.Trace("creating new username and account")
-	user, err := p.db.NewSignup(ctx, form.Username, text.RemoveHTML(reason), approvalRequired, form.Email, form.Password, form.IP, form.Locale, application.ID, false, false)
+	user, err := p.db.NewSignup(ctx, form.Username, text.SanitizePlaintext(reason), approvalRequired, form.Email, form.Password, form.IP, form.Locale, application.ID, false, false)
 	if err != nil {
 		return nil, fmt.Errorf("error creating new signup in the database: %s", err)
 	}
diff --git a/internal/processing/account/update.go b/internal/processing/account/update.go
index 3d6bbae2a..5fae6e73b 100644
--- a/internal/processing/account/update.go
+++ b/internal/processing/account/update.go
@@ -53,7 +53,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, form
 		if err := validate.DisplayName(*form.DisplayName); err != nil {
 			return nil, err
 		}
-		account.DisplayName = text.RemoveHTML(*form.DisplayName)
+		account.DisplayName = text.SanitizePlaintext(*form.DisplayName)
 	}
 
 	if form.Note != nil {
diff --git a/internal/processing/admin/createdomainblock.go b/internal/processing/admin/createdomainblock.go
index 3cfaabce0..1c641950c 100644
--- a/internal/processing/admin/createdomainblock.go
+++ b/internal/processing/admin/createdomainblock.go
@@ -59,8 +59,8 @@ func (p *processor) DomainBlockCreate(ctx context.Context, account *gtsmodel.Acc
 			ID:                 blockID,
 			Domain:             domain,
 			CreatedByAccountID: account.ID,
-			PrivateComment:     text.RemoveHTML(privateComment),
-			PublicComment:      text.RemoveHTML(publicComment),
+			PrivateComment:     text.SanitizePlaintext(privateComment),
+			PublicComment:      text.SanitizePlaintext(publicComment),
 			Obfuscate:          obfuscate,
 			SubscriptionID:     subscriptionID,
 		}
diff --git a/internal/processing/instance.go b/internal/processing/instance.go
index 11f966adb..f4fe2ca79 100644
--- a/internal/processing/instance.go
+++ b/internal/processing/instance.go
@@ -65,7 +65,7 @@ func (p *processor) InstancePatch(ctx context.Context, form *apimodel.InstanceSe
 		if err := validate.SiteTitle(*form.Title); err != nil {
 			return nil, gtserror.NewErrorBadRequest(err, fmt.Sprintf("site title invalid: %s", err))
 		}
-		i.Title = text.RemoveHTML(*form.Title) // don't allow html in site title
+		i.Title = text.SanitizePlaintext(*form.Title) // don't allow html in site title
 	}
 
 	// validate & update site contact account if it's set on the form
diff --git a/internal/processing/media/update.go b/internal/processing/media/update.go
index b275b9ffe..116588a48 100644
--- a/internal/processing/media/update.go
+++ b/internal/processing/media/update.go
@@ -45,7 +45,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, media
 	}
 
 	if form.Description != nil {
-		attachment.Description = text.SanitizeCaption(*form.Description)
+		attachment.Description = text.SanitizePlaintext(*form.Description)
 		if err := p.db.UpdateByPrimaryKey(ctx, attachment); err != nil {
 			return nil, gtserror.NewErrorInternalError(fmt.Errorf("database error updating description: %s", err))
 		}
diff --git a/internal/processing/status/create.go b/internal/processing/status/create.go
index add8a5bc6..e5f6e9647 100644
--- a/internal/processing/status/create.go
+++ b/internal/processing/status/create.go
@@ -49,7 +49,7 @@ func (p *processor) Create(ctx context.Context, account *gtsmodel.Account, appli
 		Local:                    true,
 		AccountID:                account.ID,
 		AccountURI:               account.URI,
-		ContentWarning:           text.SanitizeCaption(form.SpoilerText),
+		ContentWarning:           text.SanitizePlaintext(form.SpoilerText),
 		ActivityStreamsType:      ap.ObjectNote,
 		Sensitive:                form.Sensitive,
 		Language:                 form.Language,
diff --git a/internal/processing/status/util.go b/internal/processing/status/util.go
index 190d88f1b..df645189e 100644
--- a/internal/processing/status/util.go
+++ b/internal/processing/status/util.go
@@ -27,7 +27,6 @@ import (
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
-	"github.com/superseriousbusiness/gotosocial/internal/text"
 	"github.com/superseriousbusiness/gotosocial/internal/util"
 )
 
@@ -269,16 +268,13 @@ func (p *processor) ProcessContent(ctx context.Context, form *apimodel.AdvancedS
 		form.Format = apimodel.StatusFormatDefault
 	}
 
-	// remove any existing html from the status
-	content := text.RemoveHTML(form.Status)
-
 	// parse content out of the status depending on what format has been submitted
 	var formatted string
 	switch form.Format {
 	case apimodel.StatusFormatPlain:
-		formatted = p.formatter.FromPlain(ctx, content, status.Mentions, status.Tags)
+		formatted = p.formatter.FromPlain(ctx, form.Status, status.Mentions, status.Tags)
 	case apimodel.StatusFormatMarkdown:
-		formatted = p.formatter.FromMarkdown(ctx, content, status.Mentions, status.Tags)
+		formatted = p.formatter.FromMarkdown(ctx, form.Status, status.Mentions, status.Tags)
 	default:
 		return fmt.Errorf("format %s not recognised as a valid status format", form.Format)
 	}