fix: profile settings html sanitization

2025-05-13 18:50:36 -04:00 · 2025-05-13 18:50:36 -04:00 · 37d034db39
commit 37d034db39
parent d1e8e2b27c
7 changed files with 6 additions and 66 deletions
--- a/crates/app/src/sanitize.rs
+++ b/crates/app/src/sanitize.rs
@ -1,5 +1,4 @@
 use ammonia::Builder;
-use tetratto_core::model::{auth::UserSettings, communities::CommunityContext};

 /// Escape profile colors
 pub fn color_escape(color: &str) -> String {
@ -27,56 +26,3 @@ pub fn remove_tags(input: &str) -> String {
        .replace("&amp;", "&")
        .replace("</script>", "</not-script")
 }
-
-fn clean_single(input: &str) -> String {
-    input
-        .replace("<", "&lt;")
-        .replace(">", "&gt;")
-        .replace("url(\"", "url(\"/api/v0/util/ext/image?img=")
-        .replace("url(https://", "url(/api/v0/util/ext/image?img=https://")
-        .replace("<style>", "")
-        .replace("</style>", "")
-}
-
-/// Clean user settings
-pub fn clean_settings(settings: &UserSettings) -> String {
-    remove_tags(&serde_json::to_string(&clean_settings_raw(settings)).unwrap())
-        .replace("\u{200d}", "")
-        // how do you end up with these in your settings?
-        .replace("\u{0010}", "")
-        .replace("\u{0011}", "")
-        .replace("\u{0012}", "")
-        .replace("\u{0013}", "")
-        .replace("\u{0014}", "")
-}
-
-/// Clean user settings row
-pub fn clean_settings_raw(settings: &UserSettings) -> UserSettings {
-    let mut settings = settings.to_owned();
-
-    settings.biography = clean_single(&settings.biography);
-    settings.theme_hue = clean_single(&settings.theme_hue);
-    settings.theme_sat = clean_single(&settings.theme_sat);
-    settings.theme_lit = clean_single(&settings.theme_lit);
-
-    settings
-}
-
-/// Clean community context
-pub fn clean_context(context: &CommunityContext) -> String {
-    remove_tags(&serde_json::to_string(&clean_context_raw(context)).unwrap())
-        .replace("\u{200d}", "")
-        // how do you end up with these in your settings?
-        .replace("\u{0010}", "")
-        .replace("\u{0011}", "")
-        .replace("\u{0012}", "")
-        .replace("\u{0013}", "")
-        .replace("\u{0014}", "")
-}
-
-/// Clean community context row
-pub fn clean_context_raw(context: &CommunityContext) -> CommunityContext {
-    let mut context = context.to_owned();
-    context.description = clean_single(&context.description);
-    context
-}