Securely accept line breaks into the alert

It allows to add line breaks without making the component vulnerable to xss
KoalaFacade · Jul 24, 2023 · 0ccbac3 · 0ccbac3
1 parent adf9b2a
commit 0ccbac3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/resources/views/components/base-alert-box.blade.php b/resources/views/components/base-alert-box.blade.php
@@ -35,7 +35,7 @@
             </div>
         @endif
         <div class="description font-light">
-            {{$helperText}}
+            {!! nl2br(htmlspecialchars($helperText)) !!}
         </div>
     </div>
 </div>