No XSS

actions/inbox/Create.php

@@ -144,7 +144,7 @@ ToSelector::fillActivity($this, $act, $options);
 
 $actobj = new ActivityObject();
 $actobj->type = ActivityObject::NOTE;
-$actobj->content = $content; //common_render_content($content, $actor_profile, $inReplyTo);
+$actobj->content = strip_tags($content,'<p><b><i><u><a><ul><ol><li>');
 
 // Finally add the activity object to our activity
 $act->objects[] = $actobj;

actions/inbox/Like.php

@@ -36,7 +36,7 @@ try {
         ActivityPubReturn::error("Invalid Object specified.");
     }
     Fave::addNew($actor_profile, $object_notice);
-    ActivityPubReturn::answer(Activitypub_like::like_to_array($data->actor, $object_notice));
+    ActivityPubReturn::answer(Activitypub_like::like_to_array($data->actor, $data->object));
 } catch (Exception $e) {
     ActivityPubReturn::error($e->getMessage(), 403);
 }

actions/inbox/Undo.php

@@ -76,11 +76,11 @@ case "Follow":
                                             Activitypub_accept::accept_to_array(
                                              Activitypub_follow::follow_to_array(
                                                  $actor_profile->getUrl(),
-                                                                                  $object_profile->getUrl()
+                                                 $object_profile->getUrl()
                                              )
                                             )
-                )
-                                          );
+                    )
+            );
         } else {
             ActivityPubReturn::error("You are not following this person already.", 409);
         }