New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace ammonia lib with manual html escaping (fixes #3774) #3938
Conversation
} | ||
|
||
pub fn sanitize_html_federation_opt(data: &Option<String>) -> Option<String> { | ||
data.as_ref().map(|d| sanitize_html_federation(d)) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Main change here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Looks like this PR has accidentally removed a table from the diesel schema added in #3927 |
I've added it back in, in the scaled-sort pr. |
The ammonia library is not what we need, for our use case its better to replace problematic HTML characters directly. This should fix all the problems like removing <script> tags from code blocks. Based on my testing, lemmy-ui currently does some html escaping of its own, so we need to get rid of that.