Prevent possible XSS

This commit is contained in:
sudokoko 2024-03-29 16:54:03 -04:00
commit 1884ffd95f
No known key found for this signature in database
GPG key ID: 248D68C664937395

View file

@ -66,15 +66,19 @@
<div> <div>
<h3>@Model.LatestAnnouncement.Title</h3> <h3>@Model.LatestAnnouncement.Title</h3>
<div style="padding-bottom: 2em;"> <div style="padding-bottom: 2em;">
<span style="white-space: pre-line"> @if (Model.LatestAnnouncement.Content.Length > 250)
@{ {
string truncatedAnnouncement = Model.LatestAnnouncement.Content.Length > 250 <span style="white-space: pre-line">
? Model.LatestAnnouncement.Content[..250] + @Model.LatestAnnouncement.Content[..250]
$"... <a href='{ServerConfiguration.Instance.ExternalUrl}/notifications'>read more</a>" <a href="@ServerConfiguration.Instance.ExternalUrl/notifications">read more</a>
: Model.LatestAnnouncement.Content; </span>
}
else
{
<span style="white-space: pre-line">
@Model.LatestAnnouncement.Content
</span>
} }
@Html.Raw(truncatedAnnouncement)
</span>
</div> </div>
@if (Model.LatestAnnouncement.Publisher != null) @if (Model.LatestAnnouncement.Publisher != null)
{ {