aboutsummaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
authorr <r@freesoftwareextremist.com>2021-11-16 15:29:27 +0000
committerr <r@freesoftwareextremist.com>2021-11-16 15:29:27 +0000
commitb2a9e44db1a703fe0150c5aef7097020a9e1550d (patch)
treebf2e1b5baa6379e6d8c70b786218e3c4b7c6606b /templates
parent4d68062f2d0525a9d2a40e50d60ea9b25daae9ad (diff)
downloadbloat-b2a9e44db1a703fe0150c5aef7097020a9e1550d.tar.gz
bloat-b2a9e44db1a703fe0150c5aef7097020a9e1550d.zip
Escape user display name
Diffstat (limited to 'templates')
-rw-r--r--templates/nav.tmpl2
-rw-r--r--templates/notification.tmpl4
-rw-r--r--templates/requestlist.tmpl2
-rw-r--r--templates/status.tmpl4
-rw-r--r--templates/user.tmpl2
-rw-r--r--templates/userlist.tmpl2
-rw-r--r--templates/usersearch.tmpl2
7 files changed, 9 insertions, 9 deletions
diff --git a/templates/nav.tmpl b/templates/nav.tmpl
index cbf65c9..ea18a5f 100644
--- a/templates/nav.tmpl
+++ b/templates/nav.tmpl
@@ -8,7 +8,7 @@
</div>
<div class="user-info-details-container">
<div class="user-info-details-name">
- <bdi class="status-dname"> {{EmojiFilter .User.DisplayName .User.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .User.DisplayName) .User.Emojis}} </bdi>
<a class="nav-link" href="/user/{{.User.ID}}" accesskey="0" title="User profile (0)">
<span class="status-uname"> @{{.User.Acct}} </span>
</a>
diff --git a/templates/notification.tmpl b/templates/notification.tmpl
index 2778ef0..8ed4dd6 100644
--- a/templates/notification.tmpl
+++ b/templates/notification.tmpl
@@ -28,7 +28,7 @@
</div>
<div class="notification-follow">
<div class="notification-info-text">
- <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi>
<span class="notification-text"> followed you -
<time datetime="{{FormatTimeRFC3339 .CreatedAt}}" title="{{FormatTimeRFC822 .CreatedAt}}">{{TimeSince .CreatedAt}}</time>
</span>
@@ -48,7 +48,7 @@
</div>
<div class="notification-follow">
<div class="notification-info-text">
- <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi>
<span class="notification-text"> wants to follow you -
<time datetime="{{FormatTimeRFC3339 .CreatedAt}}" title="{{FormatTimeRFC822 .CreatedAt}}">{{TimeSince .CreatedAt}}</time>
</span>
diff --git a/templates/requestlist.tmpl b/templates/requestlist.tmpl
index 8142620..d9b2b0a 100644
--- a/templates/requestlist.tmpl
+++ b/templates/requestlist.tmpl
@@ -9,7 +9,7 @@
</div>
<div class="user-list-name">
<div>
- <div class="status-dname"> {{EmojiFilter .DisplayName .Emojis}} </div>
+ <div class="status-dname"> {{EmojiFilter (html .DisplayName) .Emojis}} </div>
<a class="img-link" href="/user/{{.ID}}">
<div class="status-uname"> @{{.Acct}} </div>
</a>
diff --git a/templates/status.tmpl b/templates/status.tmpl
index a7cc10d..c79633f 100644
--- a/templates/status.tmpl
+++ b/templates/status.tmpl
@@ -5,7 +5,7 @@
<a class="img-link" href="/user/{{.Account.ID}}">
<img class="status-profile-img" src="{{.Account.Avatar}}" title="@{{.Account.Acct}}" alt="avatar" height="24" />
</a>
- <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi>
<a href="/user/{{.Account.ID}}">
<span class="status-uname"> @{{.Account.Acct}} </span>
</a>
@@ -23,7 +23,7 @@
</div>
<div class="status">
<div class="status-name">
- <bdi class="status-dname"> {{EmojiFilter .Account.DisplayName .Account.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .Account.DisplayName) .Account.Emojis}} </bdi>
<a href="/user/{{.Account.ID}}">
<span class="status-uname"> @{{.Account.Acct}} </span>
</a>
diff --git a/templates/user.tmpl b/templates/user.tmpl
index 32b5681..2532a91 100644
--- a/templates/user.tmpl
+++ b/templates/user.tmpl
@@ -11,7 +11,7 @@
</div>
<div class="user-profile-details-container">
<div>
- <bdi class="status-dname"> {{EmojiFilter .User.DisplayName .User.Emojis}} </bdi>
+ <bdi class="status-dname"> {{EmojiFilter (html .User.DisplayName) .User.Emojis}} </bdi>
<span class="status-uname"> @{{.User.Acct}} </span>
<a class="remote-link" href="{{.User.URL}}" target="_blank" title="remote profile">
source
diff --git a/templates/userlist.tmpl b/templates/userlist.tmpl
index 3f75085..b8e0e5d 100644
--- a/templates/userlist.tmpl
+++ b/templates/userlist.tmpl
@@ -8,7 +8,7 @@
</a>
</div>
<div class="user-list-name">
- <div class="status-dname"> {{EmojiFilter .DisplayName .Emojis}} </div>
+ <div class="status-dname"> {{EmojiFilter (html .DisplayName) .Emojis}} </div>
<a class="img-link" href="/user/{{.ID}}">
<div class="status-uname"> @{{.Acct}} </div>
</a>
diff --git a/templates/usersearch.tmpl b/templates/usersearch.tmpl
index ee84143..e95129c 100644
--- a/templates/usersearch.tmpl
+++ b/templates/usersearch.tmpl
@@ -1,6 +1,6 @@
{{with .Data}}
{{template "header.tmpl" (WithContext .CommonData $.Ctx)}}
-<div class="page-title"> Search {{EmojiFilter .User.DisplayName .User.Emojis}}'s statuses </div>
+<div class="page-title"> Search {{EmojiFilter (html .User.DisplayName) .User.Emojis}}'s statuses </div>
<form class="search-form" action="/usersearch/{{.User.ID}}" method="GET">
<span class="post-form-field>