Sanitize HTML in ReportView

Closes #990
This commit is contained in:
rinpatch 2019-06-16 01:30:32 +03:00
parent e943905bd7
commit 641bcaa44e

View file

@ -6,6 +6,7 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
use Pleroma.Web, :view
alias Pleroma.Activity
alias Pleroma.User
alias Pleroma.HTML
alias Pleroma.Web.CommonAPI.Utils
alias Pleroma.Web.MastodonAPI.AccountView
alias Pleroma.Web.MastodonAPI.StatusView
@ -32,7 +33,7 @@ def render("show.json", %{report: report}) do
id: report.id,
account: AccountView.render("account.json", %{user: account}),
actor: AccountView.render("account.json", %{user: user}),
content: report.data["content"],
content: HTML.filter_tags(report.data["content"]),
created_at: created_at,
statuses: StatusView.render("index.json", %{activities: statuses, as: :activity}),
state: report.data["state"]