feat/3247 Escape html tags from the slack messages (#3306)

2021-11-01 12:08:10 +05:30
parent a3b6e5655d
commit 000c7603d6
1 changed files with 1 additions and 1 deletions
--- a/lib/integrations/slack/send_on_slack_service.rb
+++ b/lib/integrations/slack/send_on_slack_service.rb
@@ -56,7 +56,7 @@ class Integrations::Slack::SendOnSlackService < Base::SendOnChannelService
  def post_message
    @slack_message = slack_client.chat_postMessage(
      channel: hook.reference_id,
-      text: message_content,
+      text: ActionView::Base.full_sanitizer.sanitize(message_content),
      username: sender_name(message.sender),
      thread_ts: conversation.identifier,
      icon_url: avatar_url(message.sender)