0
0
instrumental/app/views/application/_card.html.haml
Paweł Ngei 5c7f641565 Escape HTML in profile name preview in profile settings (#9446)
* fix non-escaped html in the profile settings

* provide a default profile text in case if there's no custom one

* update haml syntax

* simplify default profile name to username

* sanitize user-input html but display emojified icons
2018-12-07 16:42:22 +01:00

18 lines
656 B
Plaintext

- account_url = local_assigns[:admin] ? admin_account_path(account.id) : TagManager.instance.url_for(account)
.card.h-card
= link_to account_url, target: '_blank', rel: 'noopener' do
.card__img
= image_tag account.header.url, alt: ''
.card__bar
.avatar
= image_tag account.avatar.url, alt: '', width: 48, height: 48, class: 'u-photo'
.display-name
%span{id: "default_account_display_name", style: "display:none;"}= account.username
%bdi
%strong.emojify.p-name= display_name(account, custom_emojify: true)
%span
= acct(account)
= fa_icon('lock') if account.locked?