Decode entities when setting values for /me form inputs.

The API takes care of encoding character but React components are re-encoding those characters on render. Also, it seems the API does a good job filtering HTML tag injections.
Automattic · Nov 26, 2015 · bc4f83b · bc4f83b
1 parent 103734d
commit bc4f83b
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/client/me/form-base/index.js b/client/me/form-base/index.js
@@ -6,7 +6,8 @@ var debug = require( 'debug' )( 'calypso:me:form-base' );
 /**
  * Internal dependencies
  */
-var notices = require( 'notices' );
+var notices = require( 'notices' ),
+	formatting = require( 'lib/formatting' );
 
 module.exports = {
 	componentDidMount: function() {
@@ -52,7 +53,7 @@ module.exports = {
 
 	valueLink: function( settingName ) {
 		return {
-			value: this.props.userSettings.getSetting( settingName ),
+			value: formatting.decodeEntities( this.props.userSettings.getSetting( settingName ) ),
 			requestChange: function( value ) {
 				this.props.userSettings.updateSetting( settingName, value );
 			}.bind( this )