From d81fb987aa5609c291d1c64e692b099f1c0db9c9 Mon Sep 17 00:00:00 2001 From: "maxime.io" <maxime.de.visscher@gmail.com> Date: Mon, 7 Aug 2023 14:22:52 +0200 Subject: [PATCH] Fix sanitize_html whitespaces (#3829) --- crates/api_common/src/utils.rs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index f3cebebd..78d7b4ca 100644 --- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -797,12 +797,14 @@ pub fn generate_moderators_url(community_id: &DbUrl) -> Result<DbUrl, LemmyError /// Sanitize HTML with default options. Additionally, dont allow bypassing markdown /// links and images pub fn sanitize_html(data: &str) -> String { - let sanitized = ammonia::Builder::default() + ammonia::Builder::default() .rm_tags(&["a", "img"]) .clean(data) - .to_string(); - // restore markdown quotes - sanitized.replace(">", ">") + .to_string() + // restore markdown quotes + .replace(">", ">") + // restore white space + .replace(" ", " ") } pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> { @@ -839,5 +841,7 @@ mod tests { assert_eq!(sanitized, " hello"); let sanitized = sanitize_html("<img src='http://example.com'> test"); assert_eq!(sanitized, " test"); + let sanitized = sanitize_html("Hello World"); + assert_eq!(sanitized, "Hello World"); } } -- 2.44.1