mirror of https://github.com/bitwarden/server.git synced 2025-06-30 23:52:50 -05:00

HTML encode sanitized inputs for email templates (#1138)

Kyle Spearrin
2021-02-11 14:39:13 -05:00
committed by GitHub
parent 6cc317c4ba
commit 7c9ea83ad2


@ -503,9 +503,10 @@ namespace Bit.Core.Utilities
public static string SanitizeForEmail(string value)
{
return value.Replace("@", "[at]")
var cleanedValue = value.Replace("@", "[at]")
.Replace("http://", string.Empty)
.Replace("https://", string.Empty);
return HttpUtility.HtmlEncode(cleanedValue);
}
public static string DateTimeToTableStorageKey(DateTime? date = null)
@ -558,7 +559,7 @@ namespace Bit.Core.Utilities
{
return TokenIsValid("OrganizationUserInvite", protector, token, userEmail, orgUserId, globalSettings);
}
public static bool TokenIsValid(string firstTokenPart, IDataProtector protector, string token, string userEmail,
Guid id, GlobalSettings globalSettings)
{
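Review bot: In `SanitizeForEmail` (first hunk) the scheme removal is still an ordinal, case-sensitive, single-pass `Replace`, so the added `HttpUtility.HtmlEncode` is the only step that reliably neutralises markup, and the `http://`/`https://` stripping should be treated as best-effort link defanging rather than a guarantee. A doc comment should say so, for example `/// Defangs "@" and URL schemes (best effort), then HTML-encodes the result for use in HTML email bodies.` The method also dereferences `value` with no null check, so a null argument throws before anything is encoded; a guard such as `if (string.IsNullOrEmpty(value)) { return value; }` at the top would make that case explicit. Whether the email templates already escape these values is not visible here, so it is worth confirming that callers do not end up with double-encoded text. The second hunk shows no visible change in `TokenIsValid`, whose body continues past the end of the hunk.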