From 9328eeca95e98940f80c1bea96819e0c90eacd53 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <barisusakli@gmail.com>
Date: Thu, 10 Jan 2019 23:52:53 -0500
Subject: [PATCH] fix: escape hook method

---
 src/controllers/admin/hooks.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/controllers/admin/hooks.js b/src/controllers/admin/hooks.js
index 40e84e5fc6..f3440d5689 100644
--- a/src/controllers/admin/hooks.js
+++ b/src/controllers/admin/hooks.js
@@ -1,5 +1,6 @@
 'use strict';
 
+const validator = require('validator');
 var plugins = require('../../plugins');
 
 var hooksController = module.exports;
@@ -18,7 +19,7 @@ hooksController.get = function (req, res) {
 			current.methods.push({
 				id: hookData.id,
 				priority: hookData.priority,
-				method: hookData.method ? hookData.method.toString() : 'No plugin function!',
+				method: hookData.method ? validator.escape(hookData.method.toString()) : 'No plugin function!',
 				index: hookIndex + '-code-' + methodIndex,
 			});
 		});