Composer: Fix XSS when editing a message with code (#1360)
This commit is contained in:
parent
0c7add95c8
commit
f108005cc2
@ -380,7 +380,7 @@ function processEntityAsHtml(
|
||||
|
||||
const renderedContent = nestedEntityContent.length
|
||||
? nestedEntityContent.join('')
|
||||
: renderText(entityContent, ['emoji_html', 'br_html']).join('');
|
||||
: renderText(entityContent, ['escape_html', 'emoji_html', 'br_html']).join('');
|
||||
|
||||
if (!rawEntityText) {
|
||||
return renderedContent;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user