Decode HTML entities when sanitized

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel 2021-03-29 19:26:49 +02:00
parent 69339700cd
commit 8e6aa8c85c
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
3 changed files with 3 additions and 2 deletions


@ -17,7 +17,7 @@ defmodule Mobilizon.Service.Formatter.HTML do
def strip_tags(html) do
case FastSanitize.strip_tags(html) do
{:ok, html} ->
html
HtmlEntities.decode(html)
_ ->
raise "Failed to filter tags"
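Review bot: With `HtmlEntities.decode(html)` on the `{:ok, html}` branch, `strip_tags/1` no longer returns HTML-safe text. Entity-encoded markup such as `&lt;b&gt;` is not a tag, so it passes `FastSanitize.strip_tags/1` unchanged and is then decoded into a literal `<b>`. The callers are not visible in this hunk, so each one that places the result into markup or an attribute should be checked for escaping at the output site; a caller that relied on the old, still-encoded output would now emit raw angle brackets. I would state the new contract above the function, e.g. `# Returns plain text, not HTML: escape it again before inserting it into markup or attributes.` The function's closing lines are outside the hunk.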


@ -142,6 +142,7 @@ defmodule Mobilizon.Mixfile do
{:ex_cldr_languages, "~> 0.2.1"},
{:slugger, "~> 0.3"},
{:sentry, "~> 8.0"},
{:html_entities, "~> 0.5"},
# Dev and test dependencies
{:phoenix_live_reload, "~> 1.2", only: [:dev, :e2e]},
{:ex_machina, "~> 2.3", only: [:dev, :test]},
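Review bot: The new `{:html_entities, "~> 0.5"}` entry comes without a lockfile change: the commit touches three files (the formatter, this mixfile and a test) and `mix.lock` is not among them. If the package was already locked as a transitive dependency, that is fine. Otherwise the next dependency fetch resolves whatever 0.5.x release is current rather than a reviewed, pinned version, so the lock entry should be committed with this change. The deps list continues outside the hunk.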


@ -17,7 +17,7 @@ defmodule Mobilizon.Service.Metadata.UtilsTest do
"<h1>Biography</h1><p>It all started when someone wanted a <b>very long string</b> to be cut. However it's difficult to invent things to write when you've got nothing to say. Anyway, what's the deal here. We just need to reach 200 characters.",
"fr"
) ==
"Biography It all started when someone wanted a very long string to be cut. However it&#39;s difficult to invent things to write when you&#39;ve got nothing to say. Anyway, what&#39;s the deal here. We"
"Biography It all started when someone wanted a very long string to be cut. However it's difficult to invent things to write when you've got nothing to say. Anyway, what's the deal here. We just need to"
end
test "process_description/3 returns default if no description is provided" do
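Review bot: The updated expectation only exercises `&#39;`, the harmless case; nothing pins the output when a description contains entity-encoded markup. I would add a case with input such as `&lt;b&gt;bold&lt;/b&gt;` and assert the exact string `process_description/3` returns. That makes it explicit that the result can now contain literal `<` and `>`, and a later change to escaping where the description is rendered would be caught. The test being modified starts above the hunk.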