Escape PuSH challenge and change subscriptions and salmon APIs to text/plain - mastofe - My custom branche(s) on git.pleroma.social/pleroma/mastofe

commit: 2ba6537f524dfcdd761edbe72f925c26588b4f0e
parent: 68931c1ee813de5acedf0abb5e9277a12fcdb448
Author: Eugen Rochko <eugen@zeonfederated.com>
Date:   Mon, 21 Mar 2016 09:24:29 +0100

Escape PuSH challenge and change subscriptions and salmon APIs to text/plain

Diffstat:
M app/controllers/api/salmon_controller.rb 1 +
M app/controllers/api/subscriptions_controller.rb 3 ++-

2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/app/controllers/api/salmon_controller.rb b/app/controllers/api/salmon_controller.rb
@@ -1,5 +1,6 @@
 class Api::SalmonController < ApiController
   before_action :set_account
+  respond_to :txt
 
   def update
     ProcessInteractionService.new.(request.body.read, @account)
diff --git a/app/controllers/api/subscriptions_controller.rb b/app/controllers/api/subscriptions_controller.rb
@@ -1,9 +1,10 @@
 class Api::SubscriptionsController < ApiController
   before_action :set_account
+  respond_to :txt
 
   def show
     if @account.subscription(api_subscription_url(@account.id)).valid?(params['hub.topic'], params['hub.verify_token'])
-      render text: params['hub.challenge'], status: 200
+      render text: HTMLEntities.new.encode(params['hub.challenge']), status: 200
     else
       render nothing: true, status: 404
     end

M	app/controllers/api/salmon_controller.rb	1	+
M	app/controllers/api/subscriptions_controller.rb	3	++-