about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorunarist <m.unarist@gmail.com>2017-09-17 04:33:52 +0900
committerEugen Rochko <eugen@zeonfederated.com>2017-09-16 21:33:52 +0200
commitec36df97c4ea3da4bc177a96050c54cf8f35ba25 (patch)
tree93e6e8172fc06de2e43df6c0bbf5c2788a576e61 /app
parentc8969dca3581cb82c5787f37bb4022f7af74cd15 (diff)
Escape URL parts on formatting local status (#4975)
Diffstat (limited to 'app')
-rw-r--r--app/lib/formatter.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb
index d9f843f44..575830190 100644
--- a/app/lib/formatter.rb
+++ b/app/lib/formatter.rb
@@ -137,7 +137,7 @@ class Formatter
     suffix = url[prefix.length + 30..-1]
     cutoff = url[prefix.length..-1].length > 30
 
-    "<span class=\"invisible\">#{prefix}</span><span class=\"#{cutoff ? 'ellipsis' : ''}\">#{text}</span><span class=\"invisible\">#{suffix}</span>"
+    "<span class=\"invisible\">#{encode(prefix)}</span><span class=\"#{cutoff ? 'ellipsis' : ''}\">#{encode(text)}</span><span class=\"invisible\">#{encode(suffix)}</span>"
   end
 
   def hashtag_html(tag)