From: ensra
Date: Tue, 21 Aug 2018 09:53:53 +0000 (+0100)
Subject: mastodon api: sanitize the bio HTML
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=175f0bebbc8ee420082b10b00e49e490f65d4c5f;p=akkoma

mastodon api: sanitize the bio HTML
---
diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex
index cc5261616..d9edcae7f 100644
--- a/lib/pleroma/web/mastodon_api/views/account_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/account_view.ex
@@ -36,7 +36,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
 followers_count: user_info.follower_count,
 following_count: user_info.following_count,
 statuses_count: user_info.note_count,
- note: user.bio || "",
+ note: HtmlSanitizeEx.basic_html(user.bio) || "",
 url: user.ap_id,
 avatar: image,
 avatar_static: image,
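Review bot: The `|| ""` fallback on the new `note:` line now sits after the sanitizer call, so a nil `user.bio` is passed into `HtmlSanitizeEx.basic_html/1` and the empty-string default only applies if the library returns nil for nil input, which depends on the library version. Moving the default inside, `note: HtmlSanitizeEx.basic_html(user.bio || ""),`, keeps nil out of the sanitizer and guarantees `note` is always a string. Sanitizing at render time covers only this view; any other serializer that emits `user.bio` (none is visible in this hunk) would still return the stored value, so a shared helper or sanitizing when the bio is saved may be worth considering. The enclosing render function begins and ends outside the hunk.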