extern/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2025-08-19 03:15:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize media item & episode description on update

Browse Source
This commit is contained in:
advplyr
2025-05-31 17:01:58 -05:00
parent 4968864498
commit 9052ceedd3
3 changed files with 30 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
server/models/Book.js
View File

@@ -377,8 +377,17 @@ class Book extends Model {
if (typeof payload.metadata[key] == 'number') {
payload.metadata[key] = String(payload.metadata[key])
}
if ((typeof payload.metadata[key] === 'string' || payload.metadata[key] === null) && this[key] !== payload.metadata[key]) {
// Sanitize description HTML
if (key === 'description' && payload.metadata[key]) {
const sanitizedDescription = htmlSanitizer.sanitize(payload.metadata[key])
if (sanitizedDescription !== payload.metadata[key]) {
Logger.debug(`[Book] "${this.title}" Sanitized description from "${payload.metadata[key]}" to "${sanitizedDescription}"`)
payload.metadata[key] = sanitizedDescription
}
}
this[key] = payload.metadata[key] || null
if (key === 'title') {