Update mastodon_api_controller.ex

[akkoma] / lib / pleroma / formatter.ex

diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex
index e15c08fd6d69dacd264c6da60408660ac5918ae1..9be54e86358946644fd5e984671836982c38a4ab 100644 (file)
--- a/lib/pleroma/formatter.ex
+++ b/lib/pleroma/formatter.ex
@@ -16,7 +16,7 @@ defmodule Pleroma.Formatter do
   def parse_mentions(text) do
     # Modified from https://www.w3.org/TR/html5/forms.html#valid-e-mail-address
     regex =
-      ~r/@[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@?[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*/u
+      ~r/@[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]*@?[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*/u
 
     Regex.scan(regex, text)
     |> List.flatten()
@@ -154,6 +154,7 @@ defmodule Pleroma.Formatter do
           MediaProxy.url(file)
         }' />"
       )
+      |> HtmlSanitizeEx.basic_html()
     end)
   end
 
@@ -272,8 +273,8 @@ defmodule Pleroma.Formatter do
 
     subs =
       subs ++
-        Enum.map(tags, fn {_, tag, uuid} ->
-          url = "<a href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>##{tag}</a>"
+        Enum.map(tags, fn {tag_text, tag, uuid} ->
+          url = "<a href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>#{tag_text}</a>"
           {uuid, url}
         end)