From 52b8a229172e31cef1331d03de9796ad41717577 Mon Sep 17 00:00:00 2001
From: justcool393 <justcool393@gmail.com>
Date: Thu, 20 Oct 2022 18:18:47 -0500
Subject: [PATCH] messages: use sanitize_raw_body

---
 files/routes/users.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/files/routes/users.py b/files/routes/users.py
index 8ec450e0c..10f2f6976 100644
--- a/files/routes/users.py
+++ b/files/routes/users.py
@@ -518,12 +518,9 @@ def message2(v, username):
 	if v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS'] and hasattr(user, 'is_blocked') and user.is_blocked:
 		abort(403, "This user is blocking you.")
 
-	message = request.values.get("message", "").strip()[:10000].strip()
-
+	message = sanitize_raw_body(request.values.get("message"), False)
 	if not message: abort(400, "Message is empty!")
-
 	if 'linkedin.com' in message: abort(403, "This domain 'linkedin.com' is banned.")
-
 	if 'discord.gg' in message or 'discord.com' in message or 'discordapp.com' in message:
 		abort(403, "Stop grooming!")
 
@@ -544,7 +541,6 @@ def message2(v, username):
 						body_html=body_html
 						)
 	g.db.add(c)
-
 	g.db.flush()
 
 	if blackjack and any(i in c.body_html.lower() for i in blackjack.split()):