nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

CGI::escaping for proper, good juju activity streams

Browse source
This commit is contained in:
maxwell 2010-12-15 12:27:52 -08:00
parent b6754d92b7
commit d5edc9b477
4 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -42,3 +42,4 @@ bin/*
nbproject nbproject
patches-* patches-*
capybara-*.html capybara-*.html
dump.rdb

2
app/models/status_message.rb
View file

@ -24,7 +24,7 @@ class StatusMessage < Post
def to_activity def to_activity
<<-XML <<-XML
<entry> <entry>
<title>#{self.message}</title> <title>#{CGI::escape(self.message)}</title>
<link rel="alternate" type="text/html" href="#{person.url}status_messages/#{self.id}"/> <link rel="alternate" type="text/html" href="#{person.url}status_messages/#{self.id}"/>
<id>#{person.url}status_messages/#{self.id}</id> <id>#{person.url}status_messages/#{self.id}</id>
<published>#{self.created_at.xmlschema}</published> <published>#{self.created_at.xmlschema}</published>

BIN
dump.rdb
View file

Binary file not shown.

2
lib/diaspora/ostatus_builder.rb
View file

@ -33,7 +33,7 @@ module Diaspora
<subtitle>Posts from Diaspora</subtitle> <subtitle>Posts from Diaspora</subtitle>
<updated>#{Time.now.xmlschema}</updated> <updated>#{Time.now.xmlschema}</updated>
<author> <author>
<name>#{@user.name}</name> <name>#{CGI::escape(@user.name)}</name>
<uri>#{@user.public_url}</uri> <uri>#{@user.public_url}</uri>
</author> </author>
XML XML