From ac911cff4b07aa2f75a24193624327221ea194b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20N=C3=A9grier?= Date: Mon, 7 Jun 2021 10:42:08 +0200 Subject: [PATCH] Properly escaping name in discussion manager --- front/src/WebRtc/DiscussionManager.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/front/src/WebRtc/DiscussionManager.ts b/front/src/WebRtc/DiscussionManager.ts index 9bbfac5a..504ee91b 100644 --- a/front/src/WebRtc/DiscussionManager.ts +++ b/front/src/WebRtc/DiscussionManager.ts @@ -171,6 +171,8 @@ export class DiscussionManager { const date = new Date(); if(isMe){ name = 'Me'; + } else { + name = HtmlUtils.escapeHtml(name); } pMessage.innerHTML = `${name}