~vpzom/lotide

cb2a69cef6acc0f89efa8a8d0fb95ebb232819be — Colin Reeder 8 days ago 408622f
Apply sanitization to comment content
4 files changed, 16 insertions(+), 7 deletions(-)

M src/routes/api/comments.rs
M src/routes/api/mod.rs
M src/routes/api/posts.rs
M src/routes/api/users.rs
M src/routes/api/comments.rs => src/routes/api/comments.rs +3 -1
@@ 109,7 109,9 @@ async fn route_unstable_comments_get(
                    base: RespMinimalCommentInfo {
                        id: comment_id,
                        content_text: row.get::<_, Option<&str>>(2).map(Cow::Borrowed),
                        content_html: row.get::<_, Option<&str>>(5).map(Cow::Borrowed),
                        content_html_safe: row
                            .get::<_, Option<&str>>(5)
                            .map(|html| ammonia::clean(&html)),
                    },

                    author,

M src/routes/api/mod.rs => src/routes/api/mod.rs +3 -2
@@ 112,7 112,8 @@ struct RespPostListPost<'a> {
struct RespMinimalCommentInfo<'a> {
    id: CommentLocalID,
    content_text: Option<Cow<'a, str>>,
    content_html: Option<Cow<'a, str>>,
    #[serde(rename = "content_html")]
    content_html_safe: Option<String>,
}

#[derive(Serialize)]


@@ 675,7 676,7 @@ async fn get_comments_replies<'a>(
                    base: RespMinimalCommentInfo {
                        id,
                        content_text: content_text.map(From::from),
                        content_html: content_html.map(From::from),
                        content_html_safe: content_html.map(|html| ammonia::clean(&html)),
                    },

                    author,

M src/routes/api/posts.rs => src/routes/api/posts.rs +1 -1
@@ 69,7 69,7 @@ async fn get_post_comments<'a>(
                    base: RespMinimalCommentInfo {
                        id,
                        content_text: content_text.map(From::from),
                        content_html: content_html.map(From::from),
                        content_html_safe: content_html.map(|html| ammonia::clean(&html)),
                    },

                    author,

M src/routes/api/users.rs => src/routes/api/users.rs +9 -3
@@ 340,7 340,9 @@ async fn route_unstable_users_notifications_list(
                            let comment = RespMinimalCommentInfo {
                                id: CommentLocalID(reply_id),
                                content_text: row.get::<_, Option<_>>(3).map(Cow::Borrowed),
                                content_html: row.get::<_, Option<_>>(4).map(Cow::Borrowed),
                                content_html_safe: row
                                    .get::<_, Option<&str>>(4)
                                    .map(|html| ammonia::clean(&html)),
                            };
                            let post = RespMinimalPostInfo {
                                id: PostLocalID(post_id),


@@ 364,7 366,9 @@ async fn route_unstable_users_notifications_list(
                            let reply = RespMinimalCommentInfo {
                                id: CommentLocalID(reply_id),
                                content_text: row.get::<_, Option<_>>(3).map(Cow::Borrowed),
                                content_html: row.get::<_, Option<_>>(4).map(Cow::Borrowed),
                                content_html_safe: row
                                    .get::<_, Option<&str>>(4)
                                    .map(|html| ammonia::clean(&html)),
                            };
                            let parent_id = CommentLocalID(parent_id);
                            let post =


@@ 545,7 549,9 @@ async fn route_unstable_users_things_list(
                    base: RespMinimalCommentInfo {
                        id: CommentLocalID(row.get(1)),
                        content_text: row.get::<_, Option<_>>(2).map(Cow::Borrowed),
                        content_html: row.get::<_, Option<_>>(3).map(Cow::Borrowed),
                        content_html_safe: row
                            .get::<_, Option<&str>>(3)
                            .map(|html| ammonia::clean(&html)),
                    },
                    created,
                    post: RespMinimalPostInfo {