From 17e2877c91dfc889ab5edb62fc6e00dd7dcbba01 Mon Sep 17 00:00:00 2001
From: Mario <mario@mariovavti.com>
Date: Wed, 21 Feb 2024 10:44:56 +0000
Subject: make sure to decode html special chars before sending over the wire
 and

---
 Zotlabs/Lib/Activity.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'Zotlabs/Lib')

diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index ab96423d7..4db116b5e 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -517,7 +517,7 @@ class Activity {
 		}
 
 		if ($i['title'])
-			$ret['name'] = $i['title'];
+			$ret['name'] = unescape_tags($i['title']);
 
 		$ret['published'] = datetime_convert('UTC', 'UTC', $i['created'], ATOM_TIME);
 		if ($i['created'] !== $i['edited'])
@@ -564,11 +564,11 @@ class Activity {
 
 		if ($i['mimetype'] === 'text/bbcode') {
 			if ($i['title'])
-				$ret['name'] = bbcode($i['title'], ['cache' => true]);
+				$ret['name'] = unescape_tags($i['title']);
 			if ($i['summary'])
-				$ret['summary'] = bbcode($i['summary'], ['cache' => true]);
-			$ret['content'] = bbcode($i['body'], ['cache' => true]);
-			$ret['source']  = ['content' => $i['body'], 'mediaType' => 'text/bbcode'];
+				$ret['summary'] = unescape_tags($i['summary']);
+			$ret['content'] = bbcode(unescape_tags($i['body']), ['cache' => true]);
+			$ret['source']  = ['content' => unescape_tags($i['body']), 'mediaType' => 'text/bbcode'];
 		}
 
 		$actor = self::encode_person($i['author'], false);
-- 
cgit v1.2.3