diff options
Diffstat (limited to 'web-ui/app/js/helpers/view_helper.js')
| -rw-r--r-- | web-ui/app/js/helpers/view_helper.js | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/web-ui/app/js/helpers/view_helper.js b/web-ui/app/js/helpers/view_helper.js index 01ab45ed..bb909cea 100644 --- a/web-ui/app/js/helpers/view_helper.js +++ b/web-ui/app/js/helpers/view_helper.js @@ -35,10 +35,33 @@ define( return textPlainBody.replace(/^(.*?)$/mg, '<p>$1</p>'); } + function escapeHtmlTags (body) { + + var escapeIndex = { + "&": "&", + "<": "<", + ">": ">", + '"': '"', + "'":''', + "/": '/' + + }; + + return body.replace(/["'<>\/&]/g, function(char){ + return escapeIndex[char]; + } ) + + } + + function escapeHtmlAndAddParagraphs (body) { + var escapedBody = escapeHtmlTags(body); + return addParagraphsToPlainText(escapedBody); + } + function formatMailBody (mail) { var body = mail.htmlBodyPart ? htmlWhitelister.sanitize(mail.htmlBody, htmlWhitelister.tagPolicy) : - addParagraphsToPlainText(mail.textPlainBody); + escapeHtmlAndAddParagraphs(mail.textPlainBody); return $(body); } |