zedfrigg/bookwyrm
1
0
Fork 0
Code Activity

Sanitize incoming html

Browse source
This commit is contained in:
Mouse Reeve 2020-12-16 16:47:05 -08:00
parent d79a756813
commit a3c7d324d6
8 changed files with 62 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

2
bookwyrm/models/author.py
View file

@ -25,7 +25,7 @@ class Author(ActivitypubMixin, BookWyrmModel):
aliases = fields.ArrayField(
models.CharField(max_length=255), blank=True, default=list
)
bio = fields.TextField(null=True, blank=True)
bio = fields.HtmlField(null=True, blank=True)
def save(self, *args, **kwargs):
''' can't be abstract for query reasons, but you shouldn't USE it '''