From 34a6275b857e01160b57c3b6e307d74ecaabe30a Mon Sep 17 00:00:00 2001
From: Julian Lam
Date: Wed, 16 Sep 2015 15:44:10 -0400
Subject: [PATCH] sanitise chat teaser
---
 src/messaging.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/messaging.js b/src/messaging.js
index f3020ed8f5..710288afec 100644
--- a/src/messaging.js
+++ b/src/messaging.js
@@ -4,6 +4,8 @@ var db = require('./database'),
 async = require('async'),
 nconf = require('nconf'),
 winston = require('winston'),
+ S = require('string'),
+
 user = require('./user'),
 plugins = require('./plugins'),
 meta = require('./meta'),
@@ -270,7 +272,9 @@ var db = require('./database'),
 isNew: false,
 count: 1
 }, function(err, teaser) {
- next(err, teaser[0]);
+ var teaser = teaser[0];
+ teaser.content = S(teaser.content).stripTags().decodeHTMLEntities().s;
+ next(err, teaser);
 });
 }, next);
 }
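Review bot: In the teaser callback of the second hunk, `decodeHTMLEntities()` runs after `stripTags()`, so markup that arrives entity-encoded (for example `&lt;b&gt;`) passes the tag stripper as text and is then decoded back into literal angle brackets in `teaser.content`. The result is plain text rather than HTML-safe output, so it is only safe if every consumer escapes it when rendering; if any template inserts it as raw HTML, re-escape after decoding, e.g. `teaser.content = S(teaser.content).stripTags().decodeHTMLEntities().escapeHTML().s;`. Separately, `teaser.content` is read without checking `err` or that the result has an element, so an empty result now throws a TypeError where the old line passed `undefined` to `next`; a guard such as `if (err || !teaser || !teaser[0]) { return next(err); }` before the assignment avoids that. `var teaser = teaser[0];` also redeclares the callback parameter, and a distinct local name would read more clearly. The enclosing function starts and ends outside the hunk, so how callers render the teaser is not visible here.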