#181 sanitize user input

Author: athu-tran

src/views/Media/News/NewsletterSignup.vue

@@ -188,6 +188,7 @@
 
 <script>
 import axios from 'axios';
+import Vue from 'vue';
 
 export default {
   name: 'NewsletterSignup',
@@ -235,10 +236,34 @@ export default {
       }${/@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/.source}`);
       return re.test(email);
     },
+    sanitizeUserInput() {
+      const htmlEntityencodingMap = {
+        '&': '&amp;',
+        '<': '&lt',
+        '>': '&gt;',
+        '"': '&quot;',
+        "'": '&#x27;',
+      };
+
+      Object.entries(this.userInfo).forEach((data) => {
+        const [field, value] = data;
+
+        if (value.length > 0) {
+          let sanitizedvalue = value;
+          Object.entries(htmlEntityencodingMap).forEach((entry) => {
+            const [readableChar, codedChar] = entry;
+            sanitizedvalue = sanitizedvalue.replaceAll(readableChar, codedChar);
+          });
+          Vue.set(this.userInfo, field, sanitizedvalue);
+        }
+      });
+    },
     subscribe() {
       this.submitted = true;
       this.subscribed = false;
 
+      this.sanitizeUserInput();
+
       const instance = axios.create({
         baseURL: this.$store.state.API_BASE,
       });