From cbd941f5fca2a235b70b33d50f82951671492c77 Mon Sep 17 00:00:00 2001
From: Rui Tome <rtome@bitwarden.com>
Date: Fri, 22 Sep 2023 16:03:59 +0100
Subject: [PATCH] [AC-1637] Added HtmlEncodingStringConverter to encode/decode
 special chars on JSON serialization/deserialization

---
 src/Core/Utilities/JsonHelpers.cs | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/src/Core/Utilities/JsonHelpers.cs b/src/Core/Utilities/JsonHelpers.cs
index ad7aefd257..09f1ce9121 100644
--- a/src/Core/Utilities/JsonHelpers.cs
+++ b/src/Core/Utilities/JsonHelpers.cs
@@ -1,6 +1,7 @@
 using System.Globalization;
 using System.Text.Json;
 using System.Text.Json.Serialization;
+using System.Web;
 using NS = Newtonsoft.Json;
 
 namespace Bit.Core.Utilities;
@@ -204,3 +205,33 @@ public class PermissiveStringEnumerableConverter : JsonConverter<IEnumerable<str
         writer.WriteEndArray();
     }
 }
+
+/// <summary>
+/// Encodes incoming strings using HTML encoding
+/// and decodes outgoing strings using HTML decoding.
+/// </summary>
+public class HtmlEncodingStringConverter : JsonConverter<string>
+{
+    public override string Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        if (reader.TokenType == JsonTokenType.String)
+        {
+            var originalValue = reader.GetString();
+            return HttpUtility.HtmlEncode(originalValue);
+        }
+        return reader.GetString();
+    }
+
+    public override void Write(Utf8JsonWriter writer, string value, JsonSerializerOptions options)
+    {
+        if (!string.IsNullOrEmpty(value))
+        {
+            var encodedValue = HttpUtility.HtmlDecode(value);
+            writer.WriteStringValue(encodedValue);
+        }
+        else
+        {
+            writer.WriteNullValue();
+        }
+    }
+}