From 684f97703f97de41cccbbbefef6a3a4ba4bec898 Mon Sep 17 00:00:00 2001
From: Max Magorsch <arzano@gentoo.org>
Date: Mon, 20 Apr 2020 16:59:32 +0200
Subject: Rework the user object of glsa comments

Signed-off-by: Max Magorsch <arzano@gentoo.org>
---
 pkg/app/handler/glsa/comments.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkg/app/handler/glsa/comments.go b/pkg/app/handler/glsa/comments.go
index a3afe0b..73d11c2 100644
--- a/pkg/app/handler/glsa/comments.go
+++ b/pkg/app/handler/glsa/comments.go
@@ -10,6 +10,7 @@ import (
 	"glsamaker/pkg/models/users"
 	"encoding/json"
 	"errors"
+	"html"
 	"net/http"
 	"strconv"
 	"time"
@@ -41,6 +42,15 @@ func AddComment(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	newComment.Message = html.EscapeString(newComment.Message)
+	newComment.User = &users.User{
+		Id:                      newComment.User.Id,
+		Email:                   newComment.User.Email,
+		Nick:                    newComment.User.Nick,
+		Name:                    newComment.User.Name,
+		Badge:                   newComment.User.Badge,
+	}
+
 	newCommentString, _ := json.Marshal(newComment)
 
 	w.Write(newCommentString)
-- 
cgit v1.2.3-65-gdbad