mirror of
https://github.com/plausible/analytics.git
synced 2024-12-24 01:54:34 +03:00
Fix not so safe input (#4263)
This commit is contained in:
parent
a8b9505208
commit
c59bdd27e4
@ -164,11 +164,14 @@ defmodule Plausible.SiteAdmin do
|
||||
owner = site.owner
|
||||
|
||||
if owner do
|
||||
escaped_name = Phoenix.HTML.html_escape(owner.name) |> Phoenix.HTML.safe_to_string()
|
||||
escaped_email = Phoenix.HTML.html_escape(owner.email) |> Phoenix.HTML.safe_to_string()
|
||||
|
||||
{:safe,
|
||||
"""
|
||||
<a href="/crm/auth/user/#{owner.id}">#{owner.name}</a>
|
||||
<a href="/crm/auth/user/#{owner.id}">#{escaped_name}</a>
|
||||
<br/><br/>
|
||||
#{owner.email}
|
||||
#{escaped_email}
|
||||
"""}
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user