status-im
/
status-desktop
mirror of https://github.com/status-im/status-desktop.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: ensure html is escaped in the notification window

This commit is contained in:
Jonathan Rainville 2020-11-16 11:35:00 -05:00 committed by Iuri Matias
parent 6dabd361e1
commit c10e0a8503
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/app/chat/view.nim
View File

@ -348,7 +348,7 @@ QtObject:
if msg.chatId != self.activeChannel.id:
let channel = self.chats.getChannelById(msg.chatId)
if not channel.muted:
self.messageNotificationPushed(msg.chatId, msg.text, msg.messageType, channel.chatType.int, msg.timestamp, msg.identicon, msg.alias, msg.hasMention)
self.messageNotificationPushed(msg.chatId, escape_html(msg.text), msg.messageType, channel.chatType.int, msg.timestamp, msg.identicon, msg.alias, msg.hasMention)
else:
discard self.status.chat.markMessagesSeen(msg.chatId, @[msg.id])
self.newMessagePushed()

2
ui/app/AppLayouts/Chat/ContactsColumn/Channel.qml
View File

@ -89,7 +89,7 @@ Rectangle {
//% "Sticker"
case Constants.stickerType: return qsTrId("sticker");
//% "No messages"
default: return lastMessage ? Emoji.parse(lastMessage, "26x26").replace(/\n|\r/g, ' ') : qsTrId("no-messages")
default: return lastMessage ? Emoji.parse(Utils.filterXSS(lastMessage), "26x26").replace(/\n|\r/g, ' ') : qsTrId("no-messages")
}
}
textFormat: Text.RichText