make blog/instance description a SafeString

long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
This commit is contained in:
Igor Galić
2018-09-14 15:14:24 +02:00
parent d355379e01
commit f5c299f23c
5 changed files with 15 additions and 12 deletions
+2 -2
View File
@@ -125,8 +125,8 @@ fn update_settings(conn: DbConn, admin: Admin, form: LenientForm<InstanceSetting
instance.update(&*conn,
form.name.clone(),
form.open_registrations,
form.short_description.clone(),
form.long_description.clone());
form.short_description.clone().to_string(),
form.long_description.clone().to_string());
Redirect::to(uri!(admin))
})
.map_err(|e| Template::render("instance/admin", json!({
+3 -2
View File
@@ -6,6 +6,7 @@ use std::io;
use std::path::Path;
use std::process::{exit, Command};
use rpassword;
use plume_models::safe_string::SafeString;
use plume_models::{
DB_URL,
@@ -152,8 +153,8 @@ fn quick_setup(conn: DbConn) {
public_domain: domain,
name: name,
local: true,
long_description: String::new(),
short_description: String::new(),
long_description: SafeString::new(&<String>::new()),
short_description: SafeString::new(&<String>::new()),
default_license: String::from("CC-0"),
open_registrations: true,
short_description_html: String::new(),