From c9dde86e52f20f22a427f28837a9db02e273ce8f Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@libreserver.org>
Date: Sat, 20 Apr 2024 12:31:18 +0100
Subject: [PATCH] Ensure that there are no scripts lurking within quoted urls

---
 utils.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/utils.py b/utils.py
index 00c41a660..4b44a0557 100644
--- a/utils.py
+++ b/utils.py
@@ -4786,7 +4786,7 @@ def get_quote_toot_url(post_json_object: str) -> str:
                         if item.get('href'):
                             if isinstance(item['href'], str):
                                 if resembles_url(item['href']):
-                                    return item['href']
+                                    return remove_html(item['href'])
                 if not item.get('type'):
                     continue
                 if not item.get('mediaType'):
@@ -4802,7 +4802,7 @@ def get_quote_toot_url(post_json_object: str) -> str:
                 if item.get('href'):
                     if isinstance(item['href'], str):
                         if resembles_url(item['href']):
-                            return item['href']
+                            return remove_html(item['href'])
     return ''