Composer: Fix XSS when editing a message with code (#1360)

This commit is contained in:
Alexander Zinchuk 2021-08-05 16:56:50 +03:00
parent 0c7add95c8
commit f108005cc2

View File

@ -380,7 +380,7 @@ function processEntityAsHtml(
const renderedContent = nestedEntityContent.length
? nestedEntityContent.join('')
: renderText(entityContent, ['emoji_html', 'br_html']).join('');
: renderText(entityContent, ['escape_html', 'emoji_html', 'br_html']).join('');
if (!rawEntityText) {
return renderedContent;