SAK-33394 Sanitise commons input using FormattedText (sakaiproject#4833)

CuomoZ · Sep 26, 2017 · 0de7fe8 · 0de7fe8
1 parent e70905f
commit 0de7fe8
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/commons/impl/src/java/org/sakaiproject/commons/impl/CommonsManagerImpl.java b/commons/impl/src/java/org/sakaiproject/commons/impl/CommonsManagerImpl.java
@@ -29,6 +29,7 @@
 import org.sakaiproject.profile2.logic.ProfileConnectionsLogic;
 import org.sakaiproject.profile2.model.BasicConnection;
 import org.sakaiproject.profile2.util.ProfileConstants;
+import org.sakaiproject.util.FormattedText;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -111,6 +112,7 @@ public Post savePost(Post post) {
 
         if (commonsSecurityManager.canCurrentUserEditPost(post)) {
             try {
+                post.setContent(FormattedText.processFormattedText(post.getContent(), new StringBuilder(), true, false));
                 Post newOrUpdatedPost = persistenceManager.savePost(post);
                 if (newOrUpdatedPost != null) {
                     String commonsId = post.getCommonsId();