From 37ea7ac3092794da941fd13b02387af783532a09 Mon Sep 17 00:00:00 2001
From: Rodrigo Nascimento <rodrigoknascimento@gmail.com>
Date: Tue, 1 Aug 2017 18:27:51 -0300
Subject: [PATCH] =?UTF-8?q?[FIX]=20Wrong=20render=20of=20snippet=E2=80=99s?=
 =?UTF-8?q?=20name?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 packages/rocketchat-message-snippet/client/messageType.js       | 2 +-
 .../client/tabBar/views/snippetMessage.js                       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/rocketchat-message-snippet/client/messageType.js b/packages/rocketchat-message-snippet/client/messageType.js
index f6fa6da3399f..c1f1573a3d78 100644
--- a/packages/rocketchat-message-snippet/client/messageType.js
+++ b/packages/rocketchat-message-snippet/client/messageType.js
@@ -4,7 +4,7 @@ Meteor.startup(function() {
 		system: true,
 		message: 'Snippeted_a_message',
 		data(message) {
-			const snippetLink = `<a href="/snippet/${ message.snippetId }/${ message.snippetName }">${ message.snippetName }</a>`;
+			const snippetLink = `<a href="/snippet/${ message.snippetId }/${ encodeURIComponent(message.snippetName) }">${ _.escapeHTML(message.snippetName) }</a>`;
 			return { snippetLink };
 		}
 	});
diff --git a/packages/rocketchat-message-snippet/client/tabBar/views/snippetMessage.js b/packages/rocketchat-message-snippet/client/tabBar/views/snippetMessage.js
index 2f4d0967e5ed..323c71c91ff7 100644
--- a/packages/rocketchat-message-snippet/client/tabBar/views/snippetMessage.js
+++ b/packages/rocketchat-message-snippet/client/tabBar/views/snippetMessage.js
@@ -13,6 +13,6 @@ Template.snippetMessage.helpers({
 		}
 	},
 	body() {
-		return `<a href="/snippet/${ this._id }/${ this.snippetName }">${ this.snippetName }</a>`;
+		return `<a href="/snippet/${ this._id }/${ encodeURIComponent(this.snippetName) }">${ _.escapeHTML(this.snippetName) }</a>`;
 	}
 });