Commit d46b83c6025a2c319d4891372b5f1f20174d84e8
1 parent
bf868501
Exists in
master
and in
29 other branches
chat.js: escape html tags in messages
ActionItem2682
Showing
1 changed file
with
1 additions
and
0 deletions
Show diff stats
public/javascripts/chat.js
... | ... | @@ -99,6 +99,7 @@ jQuery(function($) { |
99 | 99 | }, |
100 | 100 | |
101 | 101 | render_body_message: function(body) { |
102 | + body = body.replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/\r?\n/g, '<br>'); | |
102 | 103 | body = $().emoticon(body); |
103 | 104 | body = linkify(body, { |
104 | 105 | callback: function(text, href) { | ... | ... |