From 0c221943ef588df195a0e36da4d95e164e3094f2 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Sat, 21 Apr 2018 18:24:45 +0200
Subject: Formatter: Use proper escaping for links.

---
 lib/pleroma/formatter.ex | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex
index 515909af1..a708a275e 100644
--- a/lib/pleroma/formatter.ex
+++ b/lib/pleroma/formatter.ex
@@ -144,7 +144,7 @@ defmodule Pleroma.Formatter do
     @emoji
   end
 
-  @link_regex ~r/https?:\/\/[\w\.\/?=\-#\+%&@~\(\):]+[\w\/]/u
+  @link_regex ~r/https?:\/\/[\w\.\/?=\-#\+%&@~'\(\):]+[\w\/]/u
 
   def html_escape(text) do
     Regex.split(@link_regex, text, include_captures: true)
@@ -168,7 +168,10 @@ defmodule Pleroma.Formatter do
     subs =
       subs ++
         Enum.map(links, fn {uuid, url} ->
-          {uuid, "<a href='#{url}'>#{url}</a>"}
+          {:safe, link} = Phoenix.HTML.Link.link(url, to: url)
+          link = link
+          |> IO.iodata_to_binary
+          {uuid, link}
         end)
 
     {subs, uuid_text}
-- 
cgit v1.2.3