From 0d888203cbc4dc596d0c05cedfeabe8785b263fc Mon Sep 17 00:00:00 2001 From: Tyler Date: Sat, 16 May 2026 00:02:32 -0700 Subject: Fix valuation and data robustness bugs --- components/news.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'components/news.py') diff --git a/components/news.py b/components/news.py index 522826c..cb43ea8 100644 --- a/components/news.py +++ b/components/news.py @@ -3,6 +3,7 @@ import streamlit as st from datetime import datetime from services.news_service import get_company_news, get_news_sentiment from services.fmp_service import get_company_news as get_fmp_news +from utils.security import escape_html, validate_outbound_url def _sentiment_badge(sentiment: str) -> str: @@ -69,9 +70,10 @@ def render_news(ticker: str): for article in articles: headline = article.get("headline") or article.get("title", "No title") source = article.get("source") or article.get("site", "") - url = article.get("url") or article.get("newsURL") or article.get("url", "") + url = validate_outbound_url(article.get("url") or article.get("newsURL")) timestamp = article.get("datetime") or article.get("publishedDate", "") summary = article.get("summary") or article.get("text") or "" + headline_html = escape_html(headline) sentiment = _classify_sentiment(article) badge = _sentiment_badge(sentiment) @@ -81,9 +83,12 @@ def render_news(ticker: str): col1, col2 = st.columns([5, 1]) with col1: if url: - st.markdown(f"**[{headline}]({url})**") + st.markdown( + f'{headline_html}', + unsafe_allow_html=True, + ) else: - st.markdown(f"**{headline}**") + st.markdown(f"{headline_html}", unsafe_allow_html=True) meta = " ยท ".join(filter(None, [source, time_str])) if meta: st.caption(meta) -- cgit v1.3-2-g0d8e