GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

[Posting] Don't sanitize on storage

Browse Source 
We prefer to have the original input in database and sanitize on output when appropriate
This commit is contained in:
Diogo Peralta Cordeiro 2021-05-01 22:53:08 +01:00 committed by Hugo Sales
parent 8f43c8b405
commit ab060332f0
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
components/Posting/Posting.php
View File

@ -104,7 +104,6 @@ END;
*/ */
public static function storeNote(int $actor_id, ?string $content, array $attachments, bool $is_local, ?int $reply_to = null, ?int $repeat_of = null) public static function storeNote(int $actor_id, ?string $content, array $attachments, bool $is_local, ?int $reply_to = null, ?int $repeat_of = null)
{ {
$content = Security::sanitize($content);
$note = Note::create([ $note = Note::create([
'gsactor_id' => $actor_id, 'gsactor_id' => $actor_id,
'content' => $content, 'content' => $content,