Merge pull request from GHSA-55j9-c3mp-6fcq
This commit is contained in:
		
							parent
							
								
									c5929798bf
								
							
						
					
					
						commit
						610731b03d
					
				
					 2 changed files with 26 additions and 14 deletions
				
			
		|  | @ -54,6 +54,10 @@ module FormattingHelper | |||
|   end | ||||
| 
 | ||||
|   def account_field_value_format(field, with_rel_me: true) | ||||
|     html_aware_format(field.value, field.account.local?, with_rel_me: with_rel_me, with_domains: true, multiline: false) | ||||
|     if field.verified? && !field.account.local? | ||||
|       TextFormatter.shortened_link(field.value_for_verification) | ||||
|     else | ||||
|       html_aware_format(field.value, field.account.local?, with_rel_me: with_rel_me, with_domains: true, multiline: false) | ||||
|     end | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -48,6 +48,26 @@ class TextFormatter | |||
|     html.html_safe # rubocop:disable Rails/OutputSafety | ||||
|   end | ||||
| 
 | ||||
|   class << self | ||||
|     include ERB::Util | ||||
| 
 | ||||
|     def shortened_link(url, rel_me: false) | ||||
|       url = Addressable::URI.parse(url).to_s | ||||
|       rel = rel_me ? (DEFAULT_REL + %w(me)) : DEFAULT_REL | ||||
| 
 | ||||
|       prefix      = url.match(URL_PREFIX_REGEX).to_s | ||||
|       display_url = url[prefix.length, 30] | ||||
|       suffix      = url[prefix.length + 30..-1] | ||||
|       cutoff      = url[prefix.length..-1].length > 30 | ||||
| 
 | ||||
|       <<~HTML.squish | ||||
|         <a href="#{h(url)}" target="_blank" rel="#{rel.join(' ')}" translate="no"><span class="invisible">#{h(prefix)}</span><span class="#{cutoff ? 'ellipsis' : ''}">#{h(display_url)}</span><span class="invisible">#{h(suffix)}</span></a> | ||||
|       HTML | ||||
|     rescue Addressable::URI::InvalidURIError, IDN::Idna::IdnaError | ||||
|       h(url) | ||||
|     end | ||||
|   end | ||||
| 
 | ||||
|   private | ||||
| 
 | ||||
|   def rewrite | ||||
|  | @ -70,19 +90,7 @@ class TextFormatter | |||
|   end | ||||
| 
 | ||||
|   def link_to_url(entity) | ||||
|     url = Addressable::URI.parse(entity[:url]).to_s | ||||
|     rel = with_rel_me? ? (DEFAULT_REL + %w(me)) : DEFAULT_REL | ||||
| 
 | ||||
|     prefix      = url.match(URL_PREFIX_REGEX).to_s | ||||
|     display_url = url[prefix.length, 30] | ||||
|     suffix      = url[prefix.length + 30..-1] | ||||
|     cutoff      = url[prefix.length..-1].length > 30 | ||||
| 
 | ||||
|     <<~HTML.squish | ||||
|       <a href="#{h(url)}" target="_blank" rel="#{rel.join(' ')}" translate="no"><span class="invisible">#{h(prefix)}</span><span class="#{cutoff ? 'ellipsis' : ''}">#{h(display_url)}</span><span class="invisible">#{h(suffix)}</span></a> | ||||
|     HTML | ||||
|   rescue Addressable::URI::InvalidURIError, IDN::Idna::IdnaError | ||||
|     h(entity[:url]) | ||||
|     TextFormatter.shortened_link(entity[:url], rel_me: with_rel_me?) | ||||
|   end | ||||
| 
 | ||||
|   def link_to_hashtag(entity) | ||||
|  |  | |||
		Reference in a new issue