Fix not so safe input (#4263)

This commit is contained in:
Cenk Kücük 2024-06-24 02:10:41 +02:00 committed by GitHub
parent a8b9505208
commit c59bdd27e4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -164,11 +164,14 @@ defmodule Plausible.SiteAdmin do
owner = site.owner
if owner do
escaped_name = Phoenix.HTML.html_escape(owner.name) |> Phoenix.HTML.safe_to_string()
escaped_email = Phoenix.HTML.html_escape(owner.email) |> Phoenix.HTML.safe_to_string()
{:safe,
"""
<a href="/crm/auth/user/#{owner.id}">#{owner.name}</a>
<a href="/crm/auth/user/#{owner.id}">#{escaped_name}</a>
<br/><br/>
#{owner.email}
#{escaped_email}
"""}
end
end