From cec8be8ed390a2b2f83b2f8add33519ab68ef3e3 Mon Sep 17 00:00:00 2001
From: JediKev <kevin@enhancesoft.com>
Date: Fri, 20 Jul 2018 11:06:30 -0500
Subject: [PATCH] issue: TextThreadEntryBody Sanitize

This addresses an issue introduced with a3d896c where TextThreadEntryBodies
are not keeping their new line characters causing the email format to appear
wonky. This balances the entry and then htmlchars it to ensure no XSS.
---
 include/class.thread.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/class.thread.php b/include/class.thread.php
index 7069808d3..f8455faf5 100644
--- a/include/class.thread.php
+++ b/include/class.thread.php
@@ -2542,7 +2542,7 @@ class TextThreadEntryBody extends ThreadEntryBody {
     }
 
     function getClean() {
-        return  Format::htmlchars(Format::stripEmptyLines(parent::getClean()), true);
+        return Format::htmlchars(Format::html_balance(Format::stripEmptyLines(parent::getClean())));
     }
 
     function prepend($what) {
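Review bot: In `getClean()` the new line drops the second argument `true` from `Format::htmlchars()` and runs `Format::html_balance()` over a plain-text body, and nothing in the code records why either is safe. Escaping is still the outermost call, which is what keeps markup in an untrusted body inert, so I would pin that order with a comment above the return, e.g. `// htmlchars() must stay outermost: the body is untrusted plain text and is escaped last`. `html_balance()` and `htmlchars()` are defined outside this hunk, so it is worth confirming two things. First, whether the dropped flag enabled a sanitizing pass that callers relied on. Second, whether balancing text that contains literal `<` or `>` (quoted headers, code snippets) rewrites or drops content before it is escaped. A regression test that feeds `getClean()` a multi-line body containing angle brackets and a tag, and asserts that newlines survive and every `<` comes out as `&lt;`, would cover both the formatting fix and the XSS guarantee the commit message claims.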
-- 
GitLab