Fix not so safe input (#4263)

This commit is contained in:
Cenk Kücük 2024-06-24 02:10:41 +02:00 committed by GitHub
parent a8b9505208
commit c59bdd27e4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -164,11 +164,14 @@ defmodule Plausible.SiteAdmin do
owner = site.owner owner = site.owner
if owner do if owner do
escaped_name = Phoenix.HTML.html_escape(owner.name) |> Phoenix.HTML.safe_to_string()
escaped_email = Phoenix.HTML.html_escape(owner.email) |> Phoenix.HTML.safe_to_string()
{:safe, {:safe,
""" """
<a href="/crm/auth/user/#{owner.id}">#{owner.name}</a> <a href="/crm/auth/user/#{owner.id}">#{escaped_name}</a>
<br/><br/> <br/><br/>
#{owner.email} #{escaped_email}
"""} """}
end end
end end