refactor(web/user/info): drop DOMPurify

This commit is contained in:
Baoshuo Ren 2022-10-08 19:38:50 +08:00
parent 1383580a8b
commit 8b97bdf55e
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
2 changed files with 4 additions and 10 deletions

View File

@ -59,11 +59,7 @@
</div>
<div class="list-group-item">
<h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4>
<?php $motto_id = uniqid("motto-{$user['username']}-"); ?>
<p class="list-group-item-text" id="<?= $motto_id ?>"></p>
<script type="text/javascript">
$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize('<?= addslashes($user['motto']) ?>', <?= DOM_SANITIZE_CONFIG ?>)); });
</script>
<div class="list-group-item-text"><?= HTML::pruifier()->purify($user['motto']) ?></div>
</div>
<?php if (isSuperUser($myUser)): ?>

View File

@ -81,11 +81,9 @@ function fTime($time, $gran = -1) {
<?php endif ?>
</span>
</h3>
<?php $motto_id = uniqid("motto-{$user['username']}-"); ?>
<div class="card-text" id="<?= $motto_id ?>"></div>
<script type="text/javascript">
$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize(decodeURIComponent("<?= rawurlencode($user['motto']) ?>"), <?= DOM_SANITIZE_CONFIG ?>)); });
</script>
<div class="card-text">
<?= HTML::pruifier()->purify($user['motto']) ?>
</div>
</div>
<ul class="list-group list-group-flush">
<?php if ($user['realname']): ?>