From f3f476fa893e5f04322585baf98525aea31f469b Mon Sep 17 00:00:00 2001 From: Roman Volosovskyi Date: Wed, 26 Sep 2018 21:41:54 +0300 Subject: [PATCH] [#5277] [desktop] escape html tags in messages --- components/src/status_im/ui/components/react.cljs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/components/src/status_im/ui/components/react.cljs b/components/src/status_im/ui/components/react.cljs index 1f0a179535..e7445c6fbc 100644 --- a/components/src/status_im/ui/components/react.cljs +++ b/components/src/status_im/ui/components/react.cljs @@ -92,11 +92,17 @@ (vec (map string/upper-case ts)) ts)) +(defn escape-html [text] + (if (and platform/desktop? (string? text)) + (clojure.string/escape text {\< "<", \> ">", \& "&"}) + text)) + (defn text ([t] - [text-class t]) + [text-class (escape-html t)]) ([opts t & ts] (->> (conj ts t) + (map escape-html) (transform-to-uppercase opts) (concat [text-class (add-font-style :style opts)]) (vec))))