mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
[bugfix] Use custom bluemonday policy to disallow inline img tags (#2100)
This commit is contained in:
@@ -57,13 +57,10 @@ func (f *formatter) FromMarkdown(ctx context.Context, pmf gtsmodel.ParseMentionF
|
||||
result.HTML = htmlContentBytes.String()
|
||||
|
||||
// clean anything dangerous out of the HTML
|
||||
result.HTML = SanitizeHTML(result.HTML)
|
||||
result.HTML = SanitizeToHTML(result.HTML)
|
||||
|
||||
// shrink ray
|
||||
result.HTML, err = m.String("text/html", result.HTML)
|
||||
if err != nil {
|
||||
log.Errorf(ctx, "error minifying HTML: %s", err)
|
||||
}
|
||||
result.HTML = MinifyHTML(result.HTML)
|
||||
|
||||
return result
|
||||
}
|
||||
|
Reference in New Issue
Block a user