diff options
| author | r <r@freesoftwareextremist.com> | 2021-11-16 15:29:27 +0000 |
|---|---|---|
| committer | r <r@freesoftwareextremist.com> | 2021-11-16 15:29:27 +0000 |
| commit | b2a9e44db1a703fe0150c5aef7097020a9e1550d (patch) | |
| tree | bf2e1b5baa6379e6d8c70b786218e3c4b7c6606b | |
| parent | 4d68062f2d0525a9d2a40e50d60ea9b25daae9ad (diff) | |
| download | bloat-b2a9e44db1a703fe0150c5aef7097020a9e1550d.tar.gz bloat-b2a9e44db1a703fe0150c5aef7097020a9e1550d.zip | |
Escape user display name
| -rw-r--r-- | templates/nav.tmpl | 2 | ||||
| -rw-r--r-- | templates/notification.tmpl | 4 | ||||
| -rw-r--r-- | templates/requestlist.tmpl | 2 | ||||
| -rw-r--r-- | templates/status.tmpl | 4 | ||||
| -rw-r--r-- | templates/user.tmpl | 2 | ||||
| -rw-r--r-- | templates/userlist.tmpl | 2 | ||||
| -rw-r--r-- | templates/usersearch.tmpl | 2 |
7 files changed, 9 insertions, 9 deletions
diff --git a/templates/nav.tmpl b/templates/nav.tmpl index cbf65c9..ea18a5f 100644 --- a/templates/nav.tmpl +++ b/templates/nav.tmpl @@ -8,7 +8,7 @@ </div> <div class="user-info-details-container"> <div class="user-info-details-name"> - <bdi class="status-dname"> {{EmojiFilter .User.DisplayName .User.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .User.DisplayName) .User.Emojis}} </bdi> <a class="nav-link" href="/user/{{.User.ID}}" accesskey="0" title="User profile (0)"> <span class="status-uname"> @{{.User.Acct}} </span> </a> diff --git a/templates/notification.tmpl b/templates/notification.tmpl index 2778ef0..8ed4dd6 100644 --- a/templates/notification.tmpl +++ b/templates/notification.tmpl @@ -28,7 +28,7 @@ </div> <div class="notification-follow"> <div class="notification-info-text"> - <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi> <span class="notification-text"> followed you - <time datetime="{{FormatTimeRFC3339 .CreatedAt}}" title="{{FormatTimeRFC822 .CreatedAt}}">{{TimeSince .CreatedAt}}</time> </span> @@ -48,7 +48,7 @@ </div> <div class="notification-follow"> <div class="notification-info-text"> - <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi> <span class="notification-text"> wants to follow you - <time datetime="{{FormatTimeRFC3339 .CreatedAt}}" title="{{FormatTimeRFC822 .CreatedAt}}">{{TimeSince .CreatedAt}}</time> </span> diff --git a/templates/requestlist.tmpl b/templates/requestlist.tmpl index 8142620..d9b2b0a 100644 --- a/templates/requestlist.tmpl +++ b/templates/requestlist.tmpl @@ -9,7 +9,7 @@ </div> <div class="user-list-name"> <div> - <div class="status-dname"> {{EmojiFilter .DisplayName .Emojis}} </div> + <div class="status-dname"> {{EmojiFilter (html .DisplayName) .Emojis}} </div> <a class="img-link" href="/user/{{.ID}}"> <div class="status-uname"> @{{.Acct}} </div> </a> diff --git a/templates/status.tmpl b/templates/status.tmpl index a7cc10d..c79633f 100644 --- a/templates/status.tmpl +++ b/templates/status.tmpl @@ -5,7 +5,7 @@ <a class="img-link" href="/user/{{.Account.ID}}"> <img class="status-profile-img" src="{{.Account.Avatar}}" title="@{{.Account.Acct}}" alt="avatar" height="24" /> </a> - <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi> <a href="/user/{{.Account.ID}}"> <span class="status-uname"> @{{.Account.Acct}} </span> </a> @@ -23,7 +23,7 @@ </div> <div class="status"> <div class="status-name"> - <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi> <a href="/user/{{.Account.ID}}"> <span class="status-uname"> @{{.Account.Acct}} </span> </a> diff --git a/templates/user.tmpl b/templates/user.tmpl index 32b5681..2532a91 100644 --- a/templates/user.tmpl +++ b/templates/user.tmpl @@ -11,7 +11,7 @@ </div> <div class="user-profile-details-container"> <div> - <bdi class="status-dname"> {{EmojiFilter .User.DisplayName .User.Emojis}} </bdi> + <bdi class="status-dname"> {{EmojiFilter (html .User.DisplayName) .User.Emojis}} </bdi> <span class="status-uname"> @{{.User.Acct}} </span> <a class="remote-link" href="{{.User.URL}}" target="_blank" title="remote profile"> source diff --git a/templates/userlist.tmpl b/templates/userlist.tmpl index 3f75085..b8e0e5d 100644 --- a/templates/userlist.tmpl +++ b/templates/userlist.tmpl @@ -8,7 +8,7 @@ </a> </div> <div class="user-list-name"> - <div class="status-dname"> {{EmojiFilter .DisplayName .Emojis}} </div> + <div class="status-dname"> {{EmojiFilter (html .DisplayName) .Emojis}} </div> <a class="img-link" href="/user/{{.ID}}"> <div class="status-uname"> @{{.Acct}} </div> </a> diff --git a/templates/usersearch.tmpl b/templates/usersearch.tmpl index ee84143..e95129c 100644 --- a/templates/usersearch.tmpl +++ b/templates/usersearch.tmpl @@ -1,6 +1,6 @@ {{with .Data}} {{template "header.tmpl" (WithContext .CommonData $.Ctx)}} -<div class="page-title"> Search {{EmojiFilter .User.DisplayName .User.Emojis}}'s statuses </div> +<div class="page-title"> Search {{EmojiFilter (html .User.DisplayName) .User.Emojis}}'s statuses </div> <form class="search-form" action="/usersearch/{{.User.ID}}" method="GET"> <span class="post-form-field> |