mirrors/lemmy
1
0
Fork 0
mirror of https://github.com/LemmyNet/lemmy.git synced 2024-06-01 08:38:05 +00:00
Code Issues Projects Releases Wiki Activity

Fix sanitize_html whitespaces (#3829)

Browse source
This commit is contained in:
maxime.io 2023-08-07 14:22:52 +02:00 committed by GitHub
parent bed9474cf0
commit d81fb987aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
crates/api_common/src/utils.rs
View file

@ -797,12 +797,14 @@ pub fn generate_moderators_url(community_id: &DbUrl) -> Result<DbUrl, LemmyError
/// Sanitize HTML with default options. Additionally, dont allow bypassing markdown
/// links and images
pub fn sanitize_html(data: &str) -> String {
let sanitized = ammonia::Builder::default()
ammonia::Builder::default()
.rm_tags(&["a", "img"])
.clean(data)
.to_string();
// restore markdown quotes
sanitized.replace("&gt;", ">")
.to_string()
// restore markdown quotes
.replace("&gt;", ">")
// restore white space
.replace("&nbsp;", " ")
}
pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> {
@ -839,5 +841,7 @@ mod tests {
assert_eq!(sanitized, " hello");
let sanitized = sanitize_html("<img src='http://example.com'> test");
assert_eq!(sanitized, " test");
let sanitized = sanitize_html("Hello&nbsp;World");
assert_eq!(sanitized, "Hello World");
}
}