Make sure title is properly sanitized

Close #247

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel
2019-10-16 19:03:31 +02:00
parent ff064188e1
commit 8094f1d80a
3 changed files with 62 additions and 1 deletions


@@ -73,7 +73,7 @@ defmodule MobilizonWeb.API.Events do
defp prepare_args(args) do
with %Actor{} = organizer_actor <- Map.get(args, :organizer_actor),
title <- args |> Map.get(:title, "") |> String.trim(),
title <- args |> Map.get(:title, "") |> HtmlSanitizeEx.strip_tags() |> String.trim(),
visibility <- Map.get(args, :visibility, :public),
description <- Map.get(args, :description),
tags <- Map.get(args, :tags),