Sanitize article html. Fixes #882 (#883)

[lemmy-ui.git] / src / shared / components / post / metadata-card.tsx

diff --git a/src/shared/components/post/metadata-card.tsx b/src/shared/components/post/metadata-card.tsx
index 128742b14fb200819cf892bfe5ad3a312a7283bd..a586064c4723380bd44a685df74c22640496f8ea 100644 (file)
--- a/src/shared/components/post/metadata-card.tsx
+++ b/src/shared/components/post/metadata-card.tsx
@@ -1,5 +1,6 @@
 import { Component, linkEvent } from "inferno";
 import { Post } from "lemmy-js-client";
+import * as sanitizeHtml from "sanitize-html";
 import { i18n } from "../../i18next";
 import { relTags } from "../../utils";
 import { Icon } from "../common/icon";
@@ -66,7 +67,7 @@ export class MetadataCard extends Component<
                               <div
                                 className="card-text small text-muted md-div"
                                 dangerouslySetInnerHTML={{
-                                  __html: desc,
+                                  __html: sanitizeHtml(desc),
                                 }}
                               />
                             ),