hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Escape HTML instead of discarding it.

Browse source
This commit is contained in:
eal 2017-11-18 14:43:41 +02:00
commit 66e78c3ec4
2 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/pleroma/web/common_api/utils.ex
View file

@ -58,7 +58,8 @@ defmodule Pleroma.Web.CommonAPI.Utils do
end
def format_input(text, mentions, tags) do
HtmlSanitizeEx.strip_tags(text)
Phoenix.HTML.html_escape(text)
|> elem(1)
|> Formatter.linkify
|> String.replace("\n", "<br>\n")
|> add_user_links(mentions)