get_interface_language,
local_site_to_slur_regex,
local_user_view_from_jwt,
+ sanitize_html,
send_email_to_user,
EndpointType,
},
let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
let local_site = LocalSite::read(&mut context.pool()).await?;
- let content_slurs_removed = remove_slurs(
- &data.content.clone(),
- &local_site_to_slur_regex(&local_site),
- );
- is_valid_body_field(&Some(content_slurs_removed.clone()), false)?;
+ let content = sanitize_html(&data.content);
+ let content = remove_slurs(&content, &local_site_to_slur_regex(&local_site));
+ is_valid_body_field(&Some(content.clone()), false)?;
check_person_block(
local_user_view.person.id,
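Review bot: The ordering on the added lines is security-relevant but undocumented: `sanitize_html` runs before `remove_slurs` and `is_valid_body_field`, so the slur regex and the body validation see the sanitized text rather than what the client sent. That order looks right for filtering, since markup removed by sanitization can no longer sit inside a filtered word. However, the implementation of `sanitize_html` is not visible here, and if it entity-escapes characters the length check counts the escaped form, which may reject a message near the limit. I would add a comment above the first `let content` such as `// Sanitize first so slur filtering and body validation run on the exact text that is stored and emailed.` The function starts and ends outside this hunk, and the private-message edit path, not shown here, should make the same call so an edit cannot store unsanitized content.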
.await?;
let private_message_form = PrivateMessageInsertForm::builder()
- .content(content_slurs_removed.clone())
+ .content(content.clone())
.creator_id(local_user_view.person.id)
.recipient_id(data.recipient_id)
.build();
send_email_to_user(
&local_recipient,
&lang.notification_private_message_subject(sender_name),
- &lang.notification_private_message_body(inbox_link, &content_slurs_removed, sender_name),
+ &lang.notification_private_message_body(inbox_link, &content, sender_name),
context.settings(),
)
.await;
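Review bot: Of the values interpolated into the notification email on these lines, only `content` has been passed through `sanitize_html`. `sender_name` still reaches both `notification_private_message_subject` and `notification_private_message_body` unchanged. Where `sender_name` is built lies outside this hunk, so it may already be constrained. If it can come from a user-chosen display name and the email body is rendered as HTML, it should get the same treatment before the call, for example `let sender_name = sanitize_html(&sender_name);`, adjusted to whatever type `sender_name` has. Otherwise, a one-line comment stating why `sender_name` and `inbox_link` are trusted here would close the question for the next reader.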