From c8999a116ef71bef2cb28a783e4ba3d8e3cea6fa Mon Sep 17 00:00:00 2001
From: Eugen Rochko
Date: Thu, 24 Mar 2016 12:40:55 +0100
Subject: Sanitize remote html in atom feeds, API (not just UI), use cached mention relations on Status#mentions
---
 app/helpers/application_helper.rb | 8 ++++++++
 app/helpers/atom_builder_helper.rb | 8 +-------
 app/helpers/stream_entries_helper.rb | 8 --------
 3 files changed, 9 insertions(+), 15 deletions(-)
(limited to 'app/helpers')
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index dad7ed349..04eec89df 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -12,6 +12,14 @@ module ApplicationHelper
 id.start_with?("tag:#{Rails.configuration.x.local_domain}")
 end
 
+ def content_for_status(actual_status)
+ if actual_status.local?
+ linkify(actual_status)
+ else
+ sanitize(actual_status.content, tags: %w(a br p), attributes: %w(href rel))
+ end
+ end
+
 def linkify(status)
 mention_hash = {}
 status.mentions.each { |m| mention_hash[m.acct] = m }
diff --git a/app/helpers/atom_builder_helper.rb b/app/helpers/atom_builder_helper.rb
index 74c87daaa..51ab4da16 100644
--- a/app/helpers/atom_builder_helper.rb
+++ b/app/helpers/atom_builder_helper.rb
@@ -137,13 +137,7 @@ module AtomBuilderHelper
 
 def conditionally_formatted(activity)
 if activity.is_a?(Status)
- if activity.reblog? && activity.reblog.local?
- linkify(activity.reblog)
- elsif !activity.reblog? && activity.local?
- linkify(activity)
- else
- activity.content
- end
+ content_for_status(activity.reblog? ? activity.reblog : activity)
 elsif activity.nil?
 nil
 else
diff --git a/app/helpers/stream_entries_helper.rb b/app/helpers/stream_entries_helper.rb
index 28fc41ed5..b044e8a61 100644
--- a/app/helpers/stream_entries_helper.rb
+++ b/app/helpers/stream_entries_helper.rb
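Review bot: The allowlist in `content_for_status` keeps `rel` exactly as the remote server sent it, so sanitized links are not guaranteed to carry `nofollow` or `noopener`; consider dropping `rel` from `attributes:` and setting it locally after sanitizing. The method is now the shared path by which status HTML reaches the views, the Atom feed and (per the commit title) the API, so it deserves a comment saying so, e.g. `# Single entry point for rendering status HTML: local statuses go through linkify, remote content through an allowlist sanitizer.` Hoisting the two `%w(...)` literals into frozen constants would keep the allowlist reviewable in one place. How `local?` is decided and whether `linkify` escapes its input lie outside this hunk, so both are worth confirming.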
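Review bot: Nothing visible here pins the behaviour this line introduces in `conditionally_formatted`, namely that a remote status (or a reblog of one) no longer reaches the Atom feed as raw `activity.content`; a helper spec that passes a remote status containing a disallowed tag and asserts the tag is gone would guard against regressions (the page is limited to app/helpers, so one may exist elsewhere). A short comment above the call would help too: `# reblogs are rendered from the original status; remote HTML is sanitized in content_for_status`. The method's final `else` branch runs past the end of the hunk, so whether non-Status activities can carry remote markup cannot be judged from here.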
@@ -27,12 +27,4 @@ module StreamEntriesHelper
 def favourited_by_me_class(status)
 user_signed_in? && current_user.account.favourited?(status) ? 'favourited' : ''
 end
-
- def content_for_status(actual_status)
- if actual_status.local?
- linkify(actual_status)
- else
- sanitize(actual_status.content, tags: %w(a br p), attributes: %w(href rel))
- end
- end
 end
-- cgit