HTML-sanitize usernames before emojifying.

This commit is contained in:
eal 2018-08-09 13:07:03 +03:00
parent ed9738e031
commit 37b802682c

View file

@ -50,7 +50,7 @@ def render("user.json", %{user: user = %User{}} = assigns) do
"friends_count" => user_info[:following_count], "friends_count" => user_info[:following_count],
"id" => user.id, "id" => user.id,
"name" => user.name, "name" => user.name,
"name_html" => Formatter.emojify(user.name, emoji), "name_html" => HtmlSanitizeEx.strip_tags(user.name) |> Formatter.emojify(emoji),
"profile_image_url" => image, "profile_image_url" => image,
"profile_image_url_https" => image, "profile_image_url_https" => image,
"profile_image_url_profile_size" => image, "profile_image_url_profile_size" => image,