is_admin,
local_site_to_slur_regex,
local_user_view_from_jwt,
+ sanitize_html,
+ sanitize_html_opt,
EndpointType,
},
};
let icon = diesel_option_overwrite_to_url_create(&data.icon)?;
let banner = diesel_option_overwrite_to_url_create(&data.banner)?;
+ let name = sanitize_html(&data.name);
+ let title = sanitize_html(&data.title);
+ let description = sanitize_html_opt(&data.description);
+
let slur_regex = local_site_to_slur_regex(&local_site);
- check_slurs(&data.name, &slur_regex)?;
- check_slurs(&data.title, &slur_regex)?;
- check_slurs_opt(&data.description, &slur_regex)?;
+ check_slurs(&name, &slur_regex)?;
+ check_slurs(&title, &slur_regex)?;
+ check_slurs_opt(&description, &slur_regex)?;
is_valid_actor_name(&data.name, local_site.actor_name_max_length as usize)?;
is_valid_body_field(&data.description, false)?;
let keypair = generate_actor_keypair()?;
let community_form = CommunityInsertForm::builder()
- .name(data.name.clone())
- .title(data.title.clone())
- .description(data.description.clone())
+ .name(name)
+ .title(title)
+ .description(description)
.icon(icon)
.banner(banner)
.nsfw(data.nsfw)
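Review bot: The two validator calls left unchanged after the slur checks still read `data.name` and `data.description`, so the length and character rules run on the raw input while the sanitized `name` and `description` are what reach `CommunityInsertForm`. If `sanitize_html` escapes or strips characters, the stored value can differ in length or content from the one that passed validation. Running the checks on what is persisted closes that gap: `is_valid_actor_name(&name, local_site.actor_name_max_length as usize)?;` and `is_valid_body_field(&description, false)?;`. The enclosing function starts and ends outside the hunk, so any later use of `data.name` (for example when deriving the actor id) cannot be seen here and should be checked against the sanitized value as well.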