Fixed security breach in conversations system

2025-06-19 20:35:16 +00:00 · 2017-07-04 21:13:02 +02:00
parent 798e43d446
commit 6251d47ca0
2 changed files with 28 additions and 1 deletions
--- a/assets/js/common/utils.js
+++ b/assets/js/common/utils.js
@ -289,4 +289,31 @@ function checkString(value){
 	//Success, the string seems to be valid
 	return true;

+}
+
+/**
+ * Remove HTML carachters : < and >
+ * 
+ * @param {String} input The string to change
+ * @return {String} The updated string
+ */
+function removeHtmlTags(input){
+	
+	//Prepare update
+	var output = input;
+	
+	//Replace opening braces
+	while(output.includes("<")){
+		//Replace an occurence
+		output = output.replace("<", "&lt;");
+	}
+
+	//Replace closing braces
+	while(output.includes(">")){
+		//Replace an occurence
+		output = output.replace(">", "&gt;");
+	}
+	
+	//Return result
+	return output;
 }