From 8359198e5edb272311e10c77e6bf4cb662abd5ec Mon Sep 17 00:00:00 2001
From: Adam Mathes <adam@trenchant.org>
Date: Sat, 25 Feb 2017 17:50:38 -0800
Subject: silent by default, verbose option added. -feeds cmd line option added

---
 models/item/item.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'models')

diff --git a/models/item/item.go b/models/item/item.go
index 9e22aa8..5a4c274 100644
--- a/models/item/item.go
+++ b/models/item/item.go
@@ -115,8 +115,15 @@ func Filter(max_id int64, feed_id int64, unread_only bool, starred_only bool) ([
 			log.Println(err)
 			return nil, err
 		}
+		
+		// sanitize all fields from external input
+		// should do this at ingest time, probably, for efficiency
+		// but still may need to adjust rules
+		i.Title = p.Sanitize(i.Title)
 		i.Description = p.Sanitize(i.Description)
-		// TODO: sanitize other fields
+		i.Url = p.Sanitize(i.Url)
+		i.FeedTitle = p.Sanitize(i.FeedTitle)
+		i.FeedUrl = p.Sanitize(i.FeedUrl)
 		items = append(items, i)
 	}
 	if err = rows.Err(); err != nil {
-- 
cgit v1.2.3