Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: escape about me on user flags

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2024-12-06 15:43:34 -05:00
parent 59df4f39be
commit 4e69bff72f
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/flags.js
View File

@@ -663,6 +663,7 @@ Flags.canFlag = async function (type, id, uid, skipLimitCheck = false) {
Flags.getTarget = async function (type, id, uid) { Flags.getTarget = async function (type, id, uid) {
if (type === 'user') { if (type === 'user') {
const userData = await user.getUserData(id); const userData = await user.getUserData(id);
userData.aboutme = validator.escape(String(userData.aboutme));
return userData && userData.uid ? userData : {}; return userData && userData.uid ? userData : {};
} }
if (type === 'post') { if (type === 'post') {

2
src/views/flags/detail.tpl
View File

@@ -123,7 +123,7 @@
{{{ end }}} {{{ end }}}
{{{ if type_bool.user }}} {{{ if type_bool.user }}}
<div class="d-flex gap-2"> <div class="d-flex gap-2 align-items-center lh-1 mb-2">
<a href="{config.relative_path}/user/{./target.userslug}">{buildAvatar(target, "16px", true)}</a> <a href="{config.relative_path}/user/{./target.userslug}">{buildAvatar(target, "16px", true)}</a>
<a href="{config.relative_path}/user/{./target.userslug}">{target.username}</a> <a href="{config.relative_path}/user/{./target.userslug}">{target.username}</a>
</div> </div>