[account_ap_id | status_ap_ids] = report.data["object"]
account = User.get_cached_by_ap_id(account_ap_id)
+ content =
+ unless is_nil(report.data["content"]) do
+ HTML.filter_tags(report.data["content"])
+ else
+ nil
+ end
+
statuses =
Enum.map(status_ap_ids, fn ap_id ->
Activity.get_by_ap_id_with_object(ap_id)
id: report.id,
account: AccountView.render("account.json", %{user: account}),
actor: AccountView.render("account.json", %{user: user}),
- content: HTML.filter_tags(report.data["content"]),
+ content: content,
created_at: created_at,
statuses: StatusView.render("index.json", %{activities: statuses, as: :activity}),
state: report.data["state"]
{:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
expected = %{
- content: "",
+ content: nil,
actor: AccountView.render("account.json", %{user: user}),
account: AccountView.render("account.json", %{user: other_user}),
statuses: [],
CommonAPI.report(user, %{"account_id" => other_user.id, "status_ids" => [activity.id]})
expected = %{
- content: "",
+ content: nil,
actor: AccountView.render("account.json", %{user: user}),
account: AccountView.render("account.json", %{user: other_user}),
statuses: [StatusView.render("status.json", %{activity: activity})],
data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
activity = Map.put(activity, :data, data)
- refute %{content: "<script> alert('hecked :D:D:D:D:D:D:D') </script>"} ==
+ refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
ReportView.render("show.json", %{report: activity})[:content]
end
end
projects / akkoma / commitdiff