HTML-sanitize usernames before emojifying.
This commit is contained in:
parent
ed9738e031
commit
37b802682c
|
@ -50,7 +50,7 @@ def render("user.json", %{user: user = %User{}} = assigns) do
|
|||
"friends_count" => user_info[:following_count],
|
||||
"id" => user.id,
|
||||
"name" => user.name,
|
||||
"name_html" => Formatter.emojify(user.name, emoji),
|
||||
"name_html" => HtmlSanitizeEx.strip_tags(user.name) |> Formatter.emojify(emoji),
|
||||
"profile_image_url" => image,
|
||||
"profile_image_url_https" => image,
|
||||
"profile_image_url_profile_size" => image,
|
||||
|
|
Loading…
Reference in a new issue