From: Mikael Nordfeldth
Date: Sat, 5 Dec 2015 14:56:50 +0000 (+0100)
Subject: Remember to purify HTML...
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=376d545082f027789b59b100b8af572c74e9de62;p=quix0rs-gnu-social.git

Remember to purify HTML...
---
diff --git a/classes/Notice.php b/classes/Notice.php
index 8f4d63c892..6fe2e4c76a 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -814,7 +814,7 @@ class Notice extends Managed_DataObject
 // Use the local user's shortening preferences, if applicable.
 $stored->rendered = $actor->isLocal()
 ? $actor->shortenLinks($act->content)
- : $act->content;
+ : common_purify($act->content);
 $stored->content = common_strip_html($stored->rendered);

 // Maybe a missing act-time should be fatal if the actor is not local?
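Review bot: Only the remote arm of the ternary is sanitised, so for a local actor `$stored->rendered` is still whatever `$actor->shortenLinks($act->content)` returns, with no purifier pass. shortenLinks() is not visible in this hunk, so unless it is known to return safe HTML, the stored markup is trusted on the strength of `isLocal()` alone. Purifying the final value removes that dependency: `$stored->rendered = common_purify($actor->isLocal() ? $actor->shortenLinks($act->content) : $act->content);`. A one-line comment such as `// $act->content is untrusted markup; never store it in rendered unpurified` would also keep the call from being dropped in a later refactor. The enclosing method starts and ends outside the hunk, so an earlier sanitising step cannot be ruled out from here.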