YGGverse/YGGtracker
1
0
Fork 0
mirror of https://github.com/YGGverse/YGGtracker.git synced 2025-03-09 03:51:10 +00:00
Code Issues Projects Releases Wiki Activity

allow markdown from whitelist only

Browse Source
This commit is contained in:
ghost 2023-12-08 20:06:47 +02:00
parent 9d596de610
commit 3c6b1d6ab7
1 changed files with 6 additions and 9 deletions

15
templates/default/torrent/info.html.twig

@ -238,9 +238,8 @@
{{ 'Source' | trans }} {{ 'Source' | trans }}
</td> </td>
<td> <td>
{# disable markdown as unsafe for unfiltered content #} {# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{#{{ file.source | url_to_markdown | markdown_to_html }}#} {{ file.source | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
{{ file.source }}
</td> </td>
</tr> </tr>
{% endif %} {% endif %}
@ -250,9 +249,8 @@
{{ 'Software' | trans }} {{ 'Software' | trans }}
</td> </td>
<td> <td>
{# disable markdown as unsafe for unfiltered content #} {# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{#{{ file.software | url_to_markdown | markdown_to_html }}#} {{ file.software | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
{{ file.software }}
</td> </td>
</tr> </tr>
{% endif %} {% endif %}
@ -262,9 +260,8 @@
{{ 'Comment' | trans }} {{ 'Comment' | trans }}
</td> </td>
<td> <td>
{# disable markdown as unsafe for unfiltered content #} {# strip all tags then apply whitelist markdown filters to prevent ping from remote #}
{#{{ file.comment | url_to_markdown | markdown_to_html }}#} {{ file.comment | striptags | markdown_to_html | striptags | url_to_markdown | markdown_to_html }}
{{ file.comment }}
</td> </td>
</tr> </tr>
{% endif %} {% endif %}