feat: sanitize html when saving

TeamVastsea · Sep 8, 2024 · 7933c68 · 7933c68
1 parent 7eda311
commit 7933c68
Show file tree

Hide file tree

Showing 3 changed files with 185 additions and 1 deletion.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -40,6 +40,7 @@ migration = {path = "migration"}
 sea-orm = { version = "1.0.1", features = ["macros", "sqlx-postgres", "runtime-tokio-rustls"] }
 futures = "0.3.30"
 chrono = "0.4.38"
+ammonia = "4.0.0"
 
 
 [build-dependencies]

diff --git a/src/controller/survey/modify.rs b/src/controller/survey/modify.rs
@@ -1,3 +1,4 @@
+use ammonia::clean;
 use crate::controller::error::ErrorMessage;
 use crate::model::generated::survey;
 use crate::service::admin::AdminTokenInfo;
@@ -38,7 +39,7 @@ pub async fn create_survey(AdminTokenInfo(admin): AdminTokenInfo, Json(request):
         id: NotSet,
         title: Set(request.title),
         budge: Set(request.budge),
-        description: Set(request.description),
+        description: Set(clean(&request.description)),
         image: Set(request.image),
         page: Set(request.page),
         start_date: Set(request.start_date),