From 0f242d0598419f425eb4fd1048de25789e3e572b Mon Sep 17 00:00:00 2001 From: Alexander Zinchuk Date: Tue, 4 May 2021 12:31:34 +0300 Subject: [PATCH] Composer: Fix XSS in draft --- src/components/common/helpers/renderMessageText.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/components/common/helpers/renderMessageText.tsx b/src/components/common/helpers/renderMessageText.tsx index d0c026efb..2f638ca0c 100644 --- a/src/components/common/helpers/renderMessageText.tsx +++ b/src/components/common/helpers/renderMessageText.tsx @@ -325,7 +325,7 @@ function renderMessagePart( } if (shouldRenderAsHtml) { - return renderText(content, ['emoji_html', 'br_html']); + return renderText(content, ['escape_html', 'emoji_html', 'br_html']); } const emojiFilter = shouldRenderHqEmoji ? 'hq_emoji' : 'emoji';