McPringle/fitpub
1
0
Fork 0
Code Issues 24 Pull requests 6 Projects Releases Packages Wiki Activity Actions

UI fixes & updates

Browse source
This commit is contained in:
Tim Zöller 2026-01-09 09:05:51 +01:00
parent 22f7f7c271
commit 6a8598ef30
7 changed files with 118 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/main/resources/templates/users/discover.html
View file

@ -311,7 +311,7 @@
</div>
${actor.bio
? `<p class="card-text small mb-3">${escapeHtml(actor.bio)}</p>`
? `<p class="card-text small mb-3">${sanitizeHtml(actor.bio)}</p>`
: '<p class="card-text small text-muted mb-3 fst-italic">No bio</p>'
}
@ -444,7 +444,7 @@
<!-- Bio -->
${user.bio
? `<p class="card-text small text-muted mb-3 bio-preview">${escapeHtml(user.bio)}</p>`
? `<p class="card-text small text-muted mb-3 bio-preview">${sanitizeHtml(user.bio)}</p>`
: '<p class="card-text small text-muted mb-3 fst-italic">No bio</p>'
}
@ -540,6 +540,15 @@
div.textContent = text;
return div.innerHTML;
}
function sanitizeHtml(html) {
if (!html) return '';
// Use DOMPurify to sanitize HTML, allowing safe tags like p, br, a
return DOMPurify.sanitize(html, {
ALLOWED_TAGS: ['p', 'br', 'a', 'strong', 'em', 'b', 'i', 'span'],
ALLOWED_ATTR: ['href', 'class', 'rel', 'target']
});
}
</script>
<style>