From e698d81f9f1bd17e55a0bd8de7edbb3a3227fd8f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Ho=CC=88=C3=9Fl?= <tobias@hoessl.eu>
Date: Sat, 4 Mar 2017 15:50:41 +0100
Subject: [PATCH] Bugfix for #3024 - escaping HTML tags

---
 openslides/motions/static/js/motions/diff.js | 4 ++--
 tests/karma/motions/diff.service.test.js     | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/openslides/motions/static/js/motions/diff.js b/openslides/motions/static/js/motions/diff.js
index 6ad1578b8..9454cd28d 100644
--- a/openslides/motions/static/js/motions/diff.js
+++ b/openslides/motions/static/js/motions/diff.js
@@ -172,7 +172,7 @@ angular.module('OpenSlidesApp.motions.diff', ['OpenSlidesApp.motions.lineNumberi
 
         this._serializeDom = function(node, stripLineNumbers) {
             if (node.nodeType == TEXT_NODE) {
-                return node.nodeValue;
+                return node.nodeValue.replace(/</g, "&lt;").replace(/>/g, "&gt;");
             }
             if (stripLineNumbers && (
                 lineNumberingService._isOsLineNumberNode(node) || lineNumberingService._isOsLineBreakNode(node))) {
@@ -193,7 +193,7 @@ angular.module('OpenSlidesApp.motions.diff', ['OpenSlidesApp.motions.lineNumberi
             var html = this._serializeTag(node);
             for (var i = 0; i < node.childNodes.length; i++) {
                 if (node.childNodes[i].nodeType == TEXT_NODE) {
-                    html += node.childNodes[i].nodeValue;
+                    html += node.childNodes[i].nodeValue.replace(/</g, "&lt;").replace(/>/g, "&gt;");
                 } else if (!stripLineNumbers || (!lineNumberingService._isOsLineNumberNode(node.childNodes[i]) && !lineNumberingService._isOsLineBreakNode(node.childNodes[i]))) {
                     html += this._serializeDom(node.childNodes[i], stripLineNumbers);
                 }
diff --git a/tests/karma/motions/diff.service.test.js b/tests/karma/motions/diff.service.test.js
index 0fae9e570..6be377398 100644
--- a/tests/karma/motions/diff.service.test.js
+++ b/tests/karma/motions/diff.service.test.js
@@ -188,6 +188,12 @@ describe('linenumbering', function () {
       expect(diff.outerContextStart).toBe('<OL start="3">');
       expect(diff.outerContextEnd).toBe('</OL>');
     });
+
+    it('escapes text resembling HTML-Tags', function () {
+        var inHtml = '<h2>' + noMarkup(1) + 'Looks like a &lt;p&gt; tag &lt;/p&gt;</h2><p>' + noMarkup(2) + 'Another line</p>';
+        var diff = diffService.extractRangeByLineNumbers(inHtml, 1, 2, true);
+        expect(diff.html).toBe('<H2>Looks like a &lt;p&gt; tag &lt;/p&gt;</H2>');
+    });
   });
 
   describe('merging two sections', function () {