From 175f0bebbc8ee420082b10b00e49e490f65d4c5f Mon Sep 17 00:00:00 2001
From: ensra <ensra@users.noreply.github.com>
Date: Tue, 21 Aug 2018 10:53:53 +0100
Subject: [PATCH] mastodon api: sanitize the bio HTML

---
 lib/pleroma/web/mastodon_api/views/account_view.ex | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex
index cc5261616..d9edcae7f 100644
--- a/lib/pleroma/web/mastodon_api/views/account_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/account_view.ex
@@ -36,7 +36,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
       followers_count: user_info.follower_count,
       following_count: user_info.following_count,
       statuses_count: user_info.note_count,
-      note: user.bio || "",
+      note: HtmlSanitizeEx.basic_html(user.bio) || "",
       url: user.ap_id,
       avatar: image,
       avatar_static: image,
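Review bot: On the added `note:` line the `|| ""` fallback sits outside the sanitizer call, so a nil `user.bio` is passed straight into `HtmlSanitizeEx.basic_html/1`. The fallback then only helps if that function returns nil for nil input, which the hunk does not show. Moving the default inside, `note: HtmlSanitizeEx.basic_html(user.bio || ""),`, keeps the field a string however the library treats nil. Because bios of remote accounts are untrusted HTML, it is also worth confirming that any other renderer of `user.bio` (not visible here) applies the same scrubbing, or sanitizing once when the bio is stored, so that this view is not the only barrier. The enclosing map and function begin and end outside the hunk.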