From 54542c8b2bc66c96331efa70620a0cb82e34cd71 Mon Sep 17 00:00:00 2001
From: Mykyta Maliarchuk <84377976+nikita-web-ua@users.noreply.github.com>
Date: Tue, 4 Jul 2023 18:20:34 +0200
Subject: [PATCH] [ACS-5399] Fix incomplete multi-character sanitization
(#8707)
* [ACS-5399] sanitization fix
* [ACS-5399] sanitization fix
* [ACS-5399] sanitization fix
* [ACS-5399] sanitization fix
* [ACS-5399] sanitization fix for comments.component
* [ACS-5399] sanitization fix for highlight-transform.service
* [ACS-5399] sanitization fix
* [ACS-5399] sanitization highlight-transform.service
* [ACS-5399] removed empty constructor
* [ACS-5399] linting
* [ACS-5399] fixed unit test
* [ACS-5399] linting
* [ACS-5399] fixed e2e
* [ACS-5399] added unit test to core
* [ACS-5399] added unit test to core
* [ACS-5399] test fix
---
.../components/comment-component.e2e.ts | 5 +++--
lib/core/src/lib/comments/comments.component.spec.ts | 4 ++--
lib/core/src/lib/comments/comments.component.ts | 7 ++++---
.../common/services/highlight-transform.service.ts | 12 ++++++------
4 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/e2e/content-services/components/comment-component.e2e.ts b/e2e/content-services/components/comment-component.e2e.ts
index 35b39c1fde..bea4c42ff4 100644
--- a/e2e/content-services/components/comment-component.e2e.ts
+++ b/e2e/content-services/components/comment-component.e2e.ts
@@ -150,7 +150,8 @@ describe('Comment', () => {
await expect(await commentsPage.getTime(0)).toMatch(/(ago|few)/);
});
- it('[C280022] Should not be able to add an HTML or other code input into the comment input filed', async () => {
+ it('[C280022] Should treat HTML code as a regular string', async () => {
+ const resultStr = comments.codeType.replace(/\s\s+/g, ' ');
await viewerPage.viewFile(pngFileModel.name);
await viewerPage.clickInfoButton();
await viewerPage.checkInfoSideBarIsDisplayed();
@@ -160,7 +161,7 @@ describe('Comment', () => {
await commentsPage.checkUserIconIsDisplayed();
await commentsPage.getTotalNumberOfComments('Comments (1)');
- await expect(await commentsPage.getMessage(0)).toEqual('First name: Last name:');
+ await expect(await commentsPage.getMessage(0)).toEqual(resultStr);
await expect(await commentsPage.getUserName(0)).toEqual(userFullName);
await expect(await commentsPage.getTime(0)).toMatch(/(ago|few)/);
});
diff --git a/lib/core/src/lib/comments/comments.component.spec.ts b/lib/core/src/lib/comments/comments.component.spec.ts
index 31e9353588..31e996e1f0 100644
--- a/lib/core/src/lib/comments/comments.component.spec.ts
+++ b/lib/core/src/lib/comments/comments.component.spec.ts
@@ -173,8 +173,8 @@ describe('CommentsComponent', () => {
fixture.detectChanges();
await fixture.whenStable();
-
- expect(addCommentSpy).toHaveBeenCalledWith('123', 'action');
+ const sanitizedStr = '<div class="text-class"><button onclick=""><h1>action</h1></button></div>';
+ expect(addCommentSpy).toHaveBeenCalledWith('123', sanitizedStr);
});
it('should normalize comment when user input contains spaces sequence', async () => {
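Review bot: The expected `sanitizedStr` literal reads here with raw `<div …>` markup, presumably because entity escapes such as `&lt;` were decoded when this page was rendered; if the committed literal really is unescaped, the assertion passes only when `sanitize` leaves markup intact, which is the opposite of what the commit sets out to do. Worth confirming the string in the repository is the escaped form (`&lt;div class=&quot;text-class&quot;&gt;…`), since this is the only unit test pinning the new behaviour. The enclosing `it` block starts outside the hunk.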
diff --git a/lib/core/src/lib/comments/comments.component.ts b/lib/core/src/lib/comments/comments.component.ts
index 564d45cd84..a0192abae3 100644
--- a/lib/core/src/lib/comments/comments.component.ts
+++ b/lib/core/src/lib/comments/comments.component.ts
@@ -175,8 +175,9 @@ export class CommentsComponent implements OnChanges {
}
private sanitize(input: string): string {
- return input.replace(/<[^>]+>/g, '')
- .replace(/^\s+|\s+$|\s+(?=\s)/g, '')
- .replace(/\r?\n/g, '
');
+ return input.replace(/^\s+|\s+$|\s+(?=\s)/g, '')
+ .replace(/&/g, '&').replace(//g, '>').replace(/"/g, '"')
+ .replace(/'/g, ''').replace(/\r?\n/g, '
');
}
}
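Review bot: The entity-escaping chain in `sanitize` is only correct if the `&` replacement runs before the others (otherwise the `&` introduced by `&lt;`, `&gt;`, `&quot;` is escaped a second time), and as rendered here several of the replace patterns and replacement strings are not legible, so that ordering cannot be confirmed from this page. A single `replace` over a character class with a lookup table makes the order irrelevant and keeps the escape rules in one place; the whitespace normalisation before it and the newline replacement after it stay as they are. The rewritten method is below; the trailing newline replacement is kept exactly as in the hunk.

```typescript
    private static readonly HTML_ESCAPES: Readonly<Record<string, string>> = {
        '&': '&amp;',
        '<': '&lt;',
        '>': '&gt;',
        '"': '&quot;',
        "'": '&#39;'
    };

    private sanitize(input: string): string {
        return input
            .replace(/^\s+|\s+$|\s+(?=\s)/g, '')
            // one pass: each special character is looked up once, so no replacement output is re-escaped
            .replace(/[&<>"']/g, (ch) => CommentsComponent.HTML_ESCAPES[ch] ?? ch)
            // … unchanged: trailing .replace(/\r?\n/g, …) …
    }
```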
diff --git a/lib/core/src/lib/common/services/highlight-transform.service.ts b/lib/core/src/lib/common/services/highlight-transform.service.ts
index b8b1eed2e7..5cae81ed3f 100644
--- a/lib/core/src/lib/common/services/highlight-transform.service.ts
+++ b/lib/core/src/lib/common/services/highlight-transform.service.ts
@@ -15,8 +15,7 @@
* limitations under the License.
*/
-import { Injectable, SecurityContext } from '@angular/core';
-import { DomSanitizer } from '@angular/platform-browser';
+import { Injectable } from '@angular/core';
export interface HighlightTransformResult {
text: string;
@@ -28,8 +27,6 @@ export interface HighlightTransformResult {
})
export class HighlightTransformService {
- constructor(private sanitizer: DomSanitizer) {}
-
/**
* Searches for `search` string(s) within `text` and highlights all occurrences.
*
@@ -47,14 +44,17 @@ export class HighlightTransformService {
pattern = pattern.split(' ').filter((t) => t.length > 0).join('|');
const regex = new RegExp(pattern, 'gi');
- result = this.sanitizer.sanitize(SecurityContext.HTML, text).replace(regex, (match) => {
+ result = this.removeHtmlTags(text).replace(regex, (match) => {
isMatching = true;
return `${match}`;
});
-
return { text: result, changed: isMatching };
} else {
return { text: result, changed: isMatching };
}
}
+
+ private removeHtmlTags(text: string): string {
+ return text.split('>').pop().split('<')[0];
+ }
}
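Review bot: `removeHtmlTags`, added at the end of the hunk, does not remove tags but truncates the text: `text.split('>').pop().split('<')[0]` keeps only what follows the last `>` and precedes the next `<`, so `'foo <b>bar</b> baz'` becomes `' baz'` and plain text such as `'1 > 0'` becomes `' 0'`, and the caller on the `result =` line then searches only that fragment. Under `strict`, `pop()` is typed `string | undefined`, so `.split` on its result does not compile without a guard. Since the commit also drops `DomSanitizer` (first two hunks of this file), the service is left with no real neutralisation of markup; escaping the text instead keeps every character and cannot form a tag when the highlight markup is added, as in the replacement below. Because the search regex then runs over escaped text, the pattern should be built from escaped search terms as well (e.g. `escapeHtml(term)` per token, before the `join('|')`) so a term containing `<`, `>`, `&`, `"` or `'` still matches; the `new RegExp(pattern, 'gi')` construction itself is outside this change.

```typescript
            result = this.escapeHtml(text).replace(regex, (match) => {
            // … unchanged: highlight wrapping and return …

    private static readonly HTML_ESCAPES: Readonly<Record<string, string>> = {
        '&': '&amp;',
        '<': '&lt;',
        '>': '&gt;',
        '"': '&quot;',
        "'": '&#39;'
    };

    /** Escapes the HTML-significant characters so `text` is inert when later rendered as HTML. */
    private escapeHtml(text: string): string {
        return text.replace(/[&<>"']/g, (ch) => HighlightTransformService.HTML_ESCAPES[ch] ?? ch);
    }
```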