B Preload: Make sure that the preloaded json is html safe

author: Lain Soykaf <lain@lain.com> 2023-06-02 17:03:21 +0400
committer: Lain Soykaf <lain@lain.com> 2023-06-02 17:03:21 +0400
commit: cbc5b8cebd9255e0c49e8fb02daed4680be1d336 (patch)
tree: ec2a7b2c5d4418ef5915073eb42185ea5c0afd14
parent: e8d35256653d196fd7c0daba8673a74dfe40a8e8 (diff)
download: pleroma-cbc5b8cebd9255e0c49e8fb02daed4680be1d336.tar.gz
pleroma-cbc5b8cebd9255e0c49e8fb02daed4680be1d336.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/pleroma/web/preload.ex b/lib/pleroma/web/preload.ex
index 4485383f9..6a4a8885e 100644
--- a/lib/pleroma/web/preload.ex
+++ b/lib/pleroma/web/preload.ex
@@ -11,7 +11,7 @@ defmodule Pleroma.Web.Preload do
         terms =
           params
           |> parser.generate_terms()
-          |> Enum.map(fn {k, v} -> {k, Base.encode64(Jason.encode!(v))} end)
+          |> Enum.map(fn {k, v} -> {k, Base.encode64(Jason.encode!(v, escape: :html_safe))} end)
           |> Enum.into(%{})
 
         Map.merge(acc, terms)
@@ -19,7 +19,7 @@ defmodule Pleroma.Web.Preload do
 
     rendered_html =
       preload_data
-      |> Jason.encode!()
+      |> Jason.encode!(escape: :html_safe)
       |> build_script_tag()
       |> HTML.safe_to_string()
author	Lain Soykaf <lain@lain.com>	2023-06-02 17:03:21 +0400
committer	Lain Soykaf <lain@lain.com>	2023-06-02 17:03:21 +0400
commit	cbc5b8cebd9255e0c49e8fb02daed4680be1d336 (patch)
tree	ec2a7b2c5d4418ef5915073eb42185ea5c0afd14
parent	e8d35256653d196fd7c0daba8673a74dfe40a8e8 (diff)
download	pleroma-cbc5b8cebd9255e0c49e8fb02daed4680be1d336.tar.gz pleroma-cbc5b8cebd9255e0c49e8fb02daed4680be1d336.zip