fix XSS on opengraph tags

res/template/file_viewer.html

@@ -24,7 +24,7 @@
 		{{template `modal.css`}}
 		</style>
 
-		{{.OGData}}
+		{{ template "opengraph" .OGData }}
 	</head>
 
 	<body>
@@ -81,19 +81,17 @@
 
 					{{ if and .Other.FileAdsEnabled .Other.UserAdsEnabled }}
 					<hr/>
-					<div style="text-align: center; line-height: 1.4em">
-						<!-- scrolling="no" is not allowed by the W3C, but overflow: hidden doesn't work in chrome, so I have no choice -->
-						<iframe
-							data-aa="73974"
-							src="//ad.a-ads.com/73974?size=120x600&background_color={{.Style.Layer1Color.RGB}}&text_color={{.Style.TextColor.RGB}}&title_color={{.Style.HighlightColor.RGB}}&title_hover_color={{.Style.HighlightColor.RGB}}&link_color={{.Style.HighlightColor.RGB}}&link_hover_color={{.Style.HighlightColor.RGB}}"
-							style="width:120px; height:600px; border:none; padding:0; overflow:hidden;"
-							scrolling="no">
-						</iframe>
-						<br/>
-						<a class="button" href="https://a-ads.com/campaigns/new?selected_ad_unit_id=73974&selected_source_type=ad_unit&partner=73974">
-							Put your own advertisement here
-						</a>
-					</div>
+					Tired of ads?<br/>
+					Files expiring too soon?<br/>
+					<a class="button button_highlight" href="/click/7wy9gg2J?target=%2Fsubscribe">
+						<svg style="float: left; width: 2em; height: 2em; fill: currentColor;" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100">
+							<g fill-rule="evenodd">
+								<path d="M64.1102,0.1004 C44.259,0.1004 28.1086,16.2486 28.1086,36.0986 C28.1086,55.8884 44.259,71.989 64.1102,71.989 C83.9,71.989 100,55.8884 100,36.0986 C100,16.2486 83.9,0.1004 64.1102,0.1004"/>
+								<polygon points=".012 95.988 17.59 95.988 17.59 .1 .012 .1"/>
+							</g>
+						</svg>
+						Become a Patron!
+					</a>
 					{{ end }}
 
 					<!-- This frame will load the download URL when a download button is pressed -->