From 0f1a60a3482631879c84c96318105f5fd5d9ca93 Mon Sep 17 00:00:00 2001
From: Bill Thiede
Date: Sat, 3 Feb 2024 11:15:57 -0800
Subject: [PATCH] Sanitize html when linkifying plain text.
---
 server/src/graphql.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/src/graphql.rs b/server/src/graphql.rs
index c5a7af9..ce8debc 100644
--- a/server/src/graphql.rs
+++ b/server/src/graphql.rs
@@ -350,7 +350,7 @@ impl QueryRoot {
 Body::PlainText(PlainText { text, content_tree }) => Body::Html(Html {
 html: format!(
 r#"

{}

"#,
- linkify_html(&text)
+ sanitize_html(&linkify_html(&text))?
 ),
 content_tree: if debug_content_tree {
 render_content_type_tree(&m)
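Review bot: On the added line `sanitize_html(&linkify_html(&text))?` the plain-text body still reaches the linkifier unescaped, so the sanitizer is the only layer between untrusted message text and the rendered page, and it will read any literal `<`, `>` or `&` as markup. Assuming `linkify_html` does not escape its input (its body is not in this hunk), text that merely looks like a tag, such as an address in angle brackets or a pasted code snippet, would be dropped or rewritten instead of displayed. I would entity-escape the text before linkifying and keep the sanitizer as a second layer, e.g. `sanitize_html(&linkify_html(&escaped))?`, where `escaped` is a placeholder for the escaped text. The `?` also turns a sanitizer error into a failure of the whole body; if that is a deliberate fail-closed choice, a comment like `// fail closed: never fall back to unsanitized text` would record it. The match arm and the surrounding function start and end outside the hunk.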