mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
[bugfix] html escape special characters in text instead of totally removing them (#719)
* remove minify dependency * tidy up some tests * remove pre + postformat funcs * rework sanitization + formatting * update tests * add some more markdown tests
This commit is contained in:
@@ -20,6 +20,7 @@ package text
|
||||
|
||||
import (
|
||||
"context"
|
||||
"html"
|
||||
"strings"
|
||||
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
@@ -32,10 +33,11 @@ var breakReplacer = strings.NewReplacer(
|
||||
)
|
||||
|
||||
func (f *formatter) FromPlain(ctx context.Context, plain string, mentions []*gtsmodel.Mention, tags []*gtsmodel.Tag) string {
|
||||
content := preformat(plain)
|
||||
// trim any crap
|
||||
content := strings.TrimSpace(plain)
|
||||
|
||||
// sanitize any html elements
|
||||
content = removeHTML(content)
|
||||
// clean 'er up
|
||||
content = html.EscapeString(content)
|
||||
|
||||
// format links nicely
|
||||
content = f.ReplaceLinks(ctx, content)
|
||||
@@ -52,5 +54,5 @@ func (f *formatter) FromPlain(ctx context.Context, plain string, mentions []*gts
|
||||
// wrap the whole thing in a pee
|
||||
content = `<p>` + content + `</p>`
|
||||
|
||||
return postformat(content)
|
||||
return SanitizeHTML(content)
|
||||
}
|
||||
|
Reference in New Issue
Block a user