hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Correctly escape user-defined names in emails

Browse Source 
Closes #1151

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2022-10-31 13:00:45 +01:00
parent 695d773d50
commit 470a3e594b
28 changed files with 162 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/service/metadata/comment.ex
View File

@@ -1,11 +1,13 @@
defimpl Mobilizon.Service.Metadata, for: Mobilizon.Discussions.Comment do
alias Phoenix.HTML.Tag
alias Mobilizon.Actors.Actor
alias Mobilizon.Discussions.Comment
import Mobilizon.Service.Metadata.Utils, only: [escape_text: 1]
@spec build_tags(Comment.t(), String.t()) :: list(Phoenix.HTML.safe())
def build_tags(%Comment{deleted_at: nil} = comment, _locale) do
[
Tag.tag(:meta, property: "og:title", content: comment.actor.preferred_username),
Tag.tag(:meta, property: "og:title", content: escape_text(Actor.display_name(comment.actor))),
Tag.tag(:meta, property: "og:url", content: comment.url),
Tag.tag(:meta, property: "og:description", content: comment.text),
Tag.tag(:meta, property: "og:type", content: "website"),