hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

[Metadata] Fix actors not sanitizing their description and refactor

Browse Source 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2020-11-17 15:45:08 +01:00
parent a115b49b4c
commit 15a82c7bce
5 changed files with 80 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
lib/service/metadata/actor.ex
View File

@@ -4,20 +4,32 @@ defimpl Mobilizon.Service.Metadata, for: Mobilizon.Actors.Actor do
alias Mobilizon.Actors.Actor
alias Mobilizon.Web.JsonLD.ObjectView
alias Mobilizon.Web.MediaProxy
import Mobilizon.Service.Metadata.Utils, only: [process_description: 2, default_description: 1]
def build_tags(_actor, _locale \\ "en")
def build_tags(%Actor{type: :Group} = group, locale) do
default_desc = default_description(locale)
group =
Map.update(group, :summary, default_desc, fn summary ->
process_description(summary, locale)
end)
def build_tags(%Actor{} = actor, _locale \\ "en") do
[
Tag.tag(:meta, property: "og:title", content: Actor.display_name_and_username(actor)),
Tag.tag(:meta, property: "og:url", content: actor.url),
Tag.tag(:meta, property: "og:description", content: actor.summary),
Tag.tag(:meta, property: "og:title", content: Actor.display_name_and_username(group)),
Tag.tag(:meta, property: "og:url", content: group.url),
Tag.tag(:meta, property: "og:description", content: group.summary),
Tag.tag(:meta, property: "og:type", content: "profile"),
Tag.tag(:meta, property: "profile:username", content: actor.preferred_username),
Tag.tag(:meta, property: "profile:username", content: group.preferred_username),
Tag.tag(:meta, property: "twitter:card", content: "summary")
]
|> maybe_add_avatar(actor)
|> maybe_add_group_schema(actor)
|> maybe_add_avatar(group)
|> add_group_schema(group)
end
def build_tags(%Actor{} = _actor, _locale), do: []
@spec maybe_add_avatar(list(Tag.t()), Actor.t()) :: list(Tag.t())
defp maybe_add_avatar(tags, actor) do
if is_nil(actor.avatar) do
@@ -28,12 +40,10 @@ defimpl Mobilizon.Service.Metadata, for: Mobilizon.Actors.Actor do
end
end
defp maybe_add_group_schema(tags, %Actor{type: :Group} = group) do
defp add_group_schema(tags, %Actor{} = group) do
tags ++ [~s{<script type="application/ld+json">#{json(group)}</script>} |> HTML.raw()]
end
defp maybe_add_group_schema(tags, _), do: tags
# Insert JSON-LD schema by hand because Tag.content_tag wants to escape it
defp json(%Actor{} = group) do
"group.json"