From 4cdd619bf18e7b3d35785ab743c1c726f09269e9 Mon Sep 17 00:00:00 2001
From: medchedli
Date: Thu, 29 May 2025 10:45:36 +0100
Subject: [PATCH] fix: add HTML sanitization in Autolinker
---
 widget/src/components/messages/TextMessage.tsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/widget/src/components/messages/TextMessage.tsx b/widget/src/components/messages/TextMessage.tsx
index cacc6c9d..b3dad388 100644
--- a/widget/src/components/messages/TextMessage.tsx
+++ b/widget/src/components/messages/TextMessage.tsx
@@ -1,5 +1,5 @@
 /*
- * Copyright © 2024 Hexastack. All rights reserved.
+ * Copyright © 2025 Hexastack. All rights reserved.
 *
 * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms:
 * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission.
@@ -34,6 +34,7 @@ const TextMessage: React.FC = ({ message }) => {
 messageTextRef.current.innerHTML = Autolinker.link(text, {
 className: "chatLink",
 truncate: { length: 50, location: "smart" },
+ sanitizeHtml: true,
 });
 }
 };
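Review bot: The `innerHTML` assignment in the second hunk now depends entirely on the single `sanitizeHtml: true` option for its safety, and nothing in the change records that or guards it against regression. Per Autolinker's documentation the option HTML-encodes the `<` and `>` of tags already present in the input, so any markup that message text was previously expected to render will now appear as literal text; it is worth confirming that this is intended for every message source. I would add a comment above the option, e.g. `// Security: text is untrusted and is written to innerHTML; sanitizeHtml escapes existing tags, do not remove`, and a unit test asserting that a message containing markup renders as plain text with no element created. The diff does not touch the dependency manifest, so it should also be checked that the widget's pinned Autolinker version supports this option. The enclosing function begins and ends outside the hunk, so whether `text` is pre-processed elsewhere cannot be seen from here.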