From: rinpatch
Date: Sat, 15 Jun 2019 22:30:32 +0000 (+0300)
Subject: Sanitize HTML in ReportView
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=641bcaa44e47a83bb7730e39b2f6b9d16251b40e;p=akkoma

Sanitize HTML in ReportView

Closes #990
---
diff --git a/lib/pleroma/web/admin_api/views/report_view.ex b/lib/pleroma/web/admin_api/views/report_view.ex
index 47a73dc7e..48d73b4cd 100644
--- a/lib/pleroma/web/admin_api/views/report_view.ex
+++ b/lib/pleroma/web/admin_api/views/report_view.ex
@@ -6,6 +6,7 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
 use Pleroma.Web, :view
 alias Pleroma.Activity
 alias Pleroma.User
+ alias Pleroma.HTML
 alias Pleroma.Web.CommonAPI.Utils
 alias Pleroma.Web.MastodonAPI.AccountView
 alias Pleroma.Web.MastodonAPI.StatusView
@@ -32,7 +33,7 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
 id: report.id,
 account: AccountView.render("account.json", %{user: account}),
 actor: AccountView.render("account.json", %{user: user}),
- content: report.data["content"],
+ content: HTML.filter_tags(report.data["content"]),
 created_at: created_at,
 statuses: StatusView.render("index.json", %{activities: statuses, as: :activity}),
 state: report.data["state"]
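Review bot: `report.data["content"]` is passed to `HTML.filter_tags/1` unconditionally on the new `content:` line, and nothing in the hunk shows what happens when a report carries no comment and the value is nil. `filter_tags` is defined outside this diff, so confirm it accepts nil; if it does not, or if it turns nil into an empty string, guard the call, e.g. `content: report.data["content"] && HTML.filter_tags(report.data["content"]),`, so the admin API keeps returning null for such reports. Which tags survive depends on the scrubber policy configured for `Pleroma.HTML`, also not visible here, so a view test that renders a report whose content contains a `<script>` tag would pin the behaviour this commit is meant to guarantee. The enclosing render function starts and ends outside the hunk.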