diff --git a/src/Utils.cpp b/src/Utils.cpp
index 308c0af9..2bad72bf 100644
--- a/src/Utils.cpp
+++ b/src/Utils.cpp
@@ -285,7 +285,14 @@ utils::humanReadableFingerprint(const QString &ed25519)
QString
utils::linkifyMessage(const QString &body)
{
- QXmlStreamReader xml{"" + body + ""};
+ // Convert to valid XML.
+ auto doc = QString("%1").arg(body);
+
+ doc.replace("", "");
+ doc.replace("", "");
+ doc.replace("
", "
");
+
+ QXmlStreamReader xml{doc};
QString textString;
while (!xml.atEnd() && !xml.hasError()) {
@@ -330,8 +337,10 @@ utils::linkifyMessage(const QString &body)
}
if (xml.hasError()) {
- // qWarning() << "error while parsing xml";
- return body;
+ qWarning() << "error while parsing xml" << xml.errorString() << doc;
+ doc.replace("", "");
+ doc.replace("", "");
+ return doc;
}
return textString;
diff --git a/src/timeline/TimelineItem.cpp b/src/timeline/TimelineItem.cpp
index cd12207c..c2bd98d9 100644
--- a/src/timeline/TimelineItem.cpp
+++ b/src/timeline/TimelineItem.cpp
@@ -494,7 +494,7 @@ TimelineItem::TimelineItem(const mtx::events::RoomEvent
const auto sender = QString::fromStdString(event.sender);
auto formatted_body = utils::linkifyMessage(utils::getMessageBody(event).trimmed());
- auto body = QString::fromStdString(event.content.body).trimmed();
+ auto body = QString::fromStdString(event.content.body).trimmed().toHtmlEscaped();
auto timestamp = QDateTime::fromMSecsSinceEpoch(event.origin_server_ts);
auto displayName = Cache::displayName(room_id_, sender);
@@ -586,7 +586,7 @@ TimelineItem::TimelineItem(const mtx::events::RoomEvent
const auto sender = QString::fromStdString(event.sender);
auto formatted_body = utils::linkifyMessage(utils::getMessageBody(event).trimmed());
- auto body = QString::fromStdString(event.content.body).trimmed();
+ auto body = QString::fromStdString(event.content.body).trimmed().toHtmlEscaped();
auto timestamp = QDateTime::fromMSecsSinceEpoch(event.origin_server_ts);
auto displayName = Cache::displayName(room_id_, sender);