YGGverse/YGGtracker
1
0
Fork 0
mirror of https://github.com/YGGverse/YGGtracker.git synced 2026-03-31 17:15:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

allow markdown from whitelist only

Browse source
This commit is contained in:
ghost 2023-12-08 20:06:47 +02:00
parent 9d596de610
commit 3c6b1d6ab7
1 changed files with 6 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

15
templates/default/torrent/info.html.twig
View file

@ -238,9 +238,8 @@
{{ 'Source' | trans }}
</td>
<td>
{# disable markdown as unsafe for unfiltered content #}
{#{{ file.source | url_to_markdown | markdown_to_html }}#}
{{ file.source }}
{# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{{ file.source | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
</td>
</tr>
{% endif %}
@ -250,9 +249,8 @@
{{ 'Software' | trans }}
</td>
<td>
{# disable markdown as unsafe for unfiltered content #}
{#{{ file.software | url_to_markdown | markdown_to_html }}#}
{{ file.software }}
{# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{{ file.software | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
</td>
</tr>
{% endif %}
@ -262,9 +260,8 @@
{{ 'Comment' | trans }}
</td>
<td>
{# disable markdown as unsafe for unfiltered content #}
{#{{ file.comment | url_to_markdown | markdown_to_html }}#}
{{ file.comment }}
{# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{{ file.comment | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
</td>
</tr>
{% endif %}