make sure titles are escaped in getData api

This commit is contained in:
j 2013-06-01 00:09:49 +02:00
parent 55ddd65c7e
commit b720ac1157

View file

@ -142,6 +142,7 @@ class Imdb(models.Model):
t = re.sub('<a href="(/title/.*?/)">(.*?)</a>', fix_titles, t)
return t
if 'trivia' in data:
data['trivia'] = [fix_links(t) for t in data['trivia']]
@ -167,11 +168,21 @@ class Imdb(models.Model):
data['reviews'] = reviews
if not data['reviews']:
del data['reviews']
data['likes'] = self.info('likes')
data['downloads'] = self.info('downloads')
data['links'] = self.links()
data['posters'] = self.posters(request)
if 'title' in data:
data['title'] = ox.sanitize_html(data['title'])
if 'alternativeTitles' in data:
for a in data['alternativeTitles']:
a[0] = ox.sanitize_html(a[0])
if 'connections' in data:
for type in data['connections']:
for c in data['connections'][type]:
for key in ('title', 'description'):
if key in c:
c[key] = ox.sanitize_html(c[key])
return data
def info(self, key):