From 4166481a75da5eae00747eaaaef7721f7d2a75b1 Mon Sep 17 00:00:00 2001 From: celestora Date: Wed, 29 Jan 2025 23:13:20 +0200 Subject: [PATCH] fix(im): escape html in sent messages too (#1218) fixes #1215 --- Web/Presenters/templates/Messenger/App.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Web/Presenters/templates/Messenger/App.xml b/Web/Presenters/templates/Messenger/App.xml index ac3acf0b..79002373 100644 --- a/Web/Presenters/templates/Messenger/App.xml +++ b/Web/Presenters/templates/Messenger/App.xml @@ -232,7 +232,7 @@ sendMessage(content) { console.debug("New outcoming message. Pushing preview to local stack."); - let tempId = this.newMessage(content); + let tempId = this.newMessage(escapeHtml(content)); let msgData = new FormData(); msgData.set("content", content);