Fix sanitize_html whitespaces (#3829)
authormaxime.io <maxime.de.visscher@gmail.com>
Mon, 7 Aug 2023 12:22:52 +0000 (14:22 +0200)
committerGitHub <noreply@github.com>
Mon, 7 Aug 2023 12:22:52 +0000 (14:22 +0200)
crates/api_common/src/utils.rs

index f3cebebd24d4487029c6d33e9abdec268373525e..78d7b4caec4e58b62804063ec5400b5f35a2b704 100644 (file)
@@ -797,12 +797,14 @@ pub fn generate_moderators_url(community_id: &DbUrl) -> Result<DbUrl, LemmyError
 /// Sanitize HTML with default options. Additionally, dont allow bypassing markdown
 /// links and images
 pub fn sanitize_html(data: &str) -> String {
-  let sanitized = ammonia::Builder::default()
+  ammonia::Builder::default()
     .rm_tags(&["a", "img"])
     .clean(data)
-    .to_string();
-  // restore markdown quotes
-  sanitized.replace("&gt;", ">")
+    .to_string()
+    // restore markdown quotes
+    .replace("&gt;", ">")
+    // restore white space
+    .replace("&nbsp;", " ")
 }
 
 pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> {
@@ -839,5 +841,7 @@ mod tests {
     assert_eq!(sanitized, " hello");
     let sanitized = sanitize_html("<img src='http://example.com'> test");
     assert_eq!(sanitized, " test");
+    let sanitized = sanitize_html("Hello&nbsp;World");
+    assert_eq!(sanitized, "Hello World");
   }
 }