From bef824e84ee36769712fc3c48171032056875df0 Mon Sep 17 00:00:00 2001
From: Travis Ralston <travpc@gmail.com>
Date: Mon, 6 Jan 2020 12:21:59 -0700
Subject: [PATCH] Remove harmful html entities encoding and other style nits

React will take care of this for us. It's harmful because simple characters get converted to something illegible.
---
 src/HtmlUtils.js                               |  5 -----
 src/components/views/dialogs/DMInviteDialog.js | 12 ++++--------
 2 files changed, 4 insertions(+), 13 deletions(-)

diff --git a/src/HtmlUtils.js b/src/HtmlUtils.js
index ce677e6c68..7cdff26a21 100644
--- a/src/HtmlUtils.js
+++ b/src/HtmlUtils.js
@@ -528,8 +528,3 @@ export function checkBlockNode(node) {
             return false;
     }
 }
-
-export function htmlEntitiesEncode(str: string) {
-    // Source: https://stackoverflow.com/a/18750001/7037379
-    return str.replace(/[\u00A0-\u9999<>&]/gim, i => `&#${i.charCodeAt(0)};`);
-}
diff --git a/src/components/views/dialogs/DMInviteDialog.js b/src/components/views/dialogs/DMInviteDialog.js
index aec64919a0..bb3e38a304 100644
--- a/src/components/views/dialogs/DMInviteDialog.js
+++ b/src/components/views/dialogs/DMInviteDialog.js
@@ -24,7 +24,6 @@ import DMRoomMap from "../../../utils/DMRoomMap";
 import {RoomMember} from "matrix-js-sdk/lib/matrix";
 import * as humanize from "humanize";
 import SdkConfig from "../../../SdkConfig";
-import {htmlEntitiesEncode} from "../../../HtmlUtils";
 import {getHttpUriForMxc} from "matrix-js-sdk/lib/content-repo";
 
 // TODO: [TravisR] Make this generic for all kinds of invites
@@ -77,11 +76,9 @@ class DMRoomTile extends React.PureComponent {
     _highlightName(str: string) {
         if (!this.props.highlightWord) return str;
 
-        // First encode the thing to avoid injection
-        str = htmlEntitiesEncode(str);
-
         // We convert things to lowercase for index searching, but pull substrings from
-        // the submitted text to preserve case.
+        // the submitted text to preserve case. Note: we don't need to htmlEntities the
+        // string because React will safely encode the text for us.
         const lowerStr = str.toLowerCase();
         const filterStr = this.props.highlightWord.toLowerCase();
 
@@ -92,8 +89,8 @@ class DMRoomTile extends React.PureComponent {
         while ((ii = lowerStr.indexOf(filterStr, i)) >= 0) {
             // Push any text we missed (first bit/middle of text)
             if (ii > i) {
-                // Push any text we aren't highlighting (middle of text match)
-                result.push(<span key={i + 'mid'}>{str.substring(i, ii)}</span>);
+                // Push any text we aren't highlighting (middle of text match, or beginning of text)
+                result.push(<span key={i + 'begin'}>{str.substring(i, ii)}</span>);
             }
 
             i = ii; // copy over ii only if we have a match (to preserve i for end-of-text matching)
@@ -333,7 +330,6 @@ export default class DMInviteDialog extends React.PureComponent {
             }
         }
 
-
         // If we're going to hide one member behind 'show more', just use up the space of the button
         // with the member's tile instead.
         if (showNum === sourceMembers.length - 1) showNum++;