From df1ce2350ccbedf145ad9a1b98582610cea80604 Mon Sep 17 00:00:00 2001 From: Naoki Kosaka Date: Wed, 20 Sep 2017 00:55:48 +0900 Subject: Fix non-local statuses are html_encoded in public_page. (#5012) --- app/lib/formatter.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/lib/formatter.rb') diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb index 29fea27de..8d69cb948 100644 --- a/app/lib/formatter.rb +++ b/app/lib/formatter.rb @@ -22,7 +22,7 @@ class Formatter unless status.local? html = reformat(raw_content) html = encode_custom_emojis(html, status.emojis) if options[:custom_emojify] - return html + return html.html_safe # rubocop:disable Rails/OutputSafety end linkable_accounts = status.mentions.map(&:account) @@ -39,7 +39,7 @@ class Formatter end def reformat(html) - sanitize(html, Sanitize::Config::MASTODON_STRICT).html_safe # rubocop:disable Rails/OutputSafety + sanitize(html, Sanitize::Config::MASTODON_STRICT) end def plaintext(status) -- cgit From 9c8e602163811fc9a21c5ae78d53d46d7dbc8db7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 23 Sep 2017 01:50:17 +0200 Subject: Fix custom emojis not detected when used in content warning (#5049) --- app/lib/formatter.rb | 6 ++++++ app/models/status.rb | 2 +- app/views/stream_entries/_detailed_status.html.haml | 2 +- app/views/stream_entries/_simple_status.html.haml | 2 +- 4 files changed, 9 insertions(+), 3 deletions(-) (limited to 'app/lib/formatter.rb') diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb index 8d69cb948..42cd72990 100644 --- a/app/lib/formatter.rb +++ b/app/lib/formatter.rb @@ -63,6 +63,12 @@ class Formatter Sanitize.fragment(html, config) end + def format_spoiler(status) + html = encode(status.spoiler_text) + html = encode_custom_emojis(html, status.emojis) + html.html_safe # rubocop:disable Rails/OutputSafety + end + private def encode(html) diff --git a/app/models/status.rb b/app/models/status.rb index ca261a201..f11064cbd 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -132,7 +132,7 @@ class Status < ApplicationRecord end def emojis - CustomEmoji.from_text(text, account.domain) + CustomEmoji.from_text([spoiler_text, text].join(' '), account.domain) end after_create :store_uri, if: :local? diff --git a/app/views/stream_entries/_detailed_status.html.haml b/app/views/stream_entries/_detailed_status.html.haml index 6860c6bf3..26e41a10d 100644 --- a/app/views/stream_entries/_detailed_status.html.haml +++ b/app/views/stream_entries/_detailed_status.html.haml @@ -15,7 +15,7 @@ .status__content.p-name.emojify< - if status.spoiler_text? %p{ style: 'margin-bottom: 0' }< - %span.p-summary> #{status.spoiler_text}  + %span.p-summary> #{Formatter.instance.format_spoiler(status)}  %a.status__content__spoiler-link{ href: '#' }= t('statuses.show_more') .e-content{ lang: status.language, style: "display: #{status.spoiler_text? ? 'none' : 'block'}; direction: #{rtl_status?(status) ? 'rtl' : 'ltr'}" }= Formatter.instance.format(status, custom_emojify: true) diff --git a/app/views/stream_entries/_simple_status.html.haml b/app/views/stream_entries/_simple_status.html.haml index c0ea11633..b594c9da6 100644 --- a/app/views/stream_entries/_simple_status.html.haml +++ b/app/views/stream_entries/_simple_status.html.haml @@ -16,7 +16,7 @@ .status__content.p-name.emojify< - if status.spoiler_text? %p{ style: 'margin-bottom: 0' }< - %span.p-summary> #{status.spoiler_text}  + %span.p-summary> #{Formatter.instance.format_spoiler(status)}  %a.status__content__spoiler-link{ href: '#' }= t('statuses.show_more') .e-content{ lang: status.language, style: "display: #{status.spoiler_text? ? 'none' : 'block'}; direction: #{rtl_status?(status) ? 'rtl' : 'ltr'}" }= Formatter.instance.format(status, custom_emojify: true) -- cgit