From 7fc04b21682a0b413f83dc680f81c7c73040e7dc Mon Sep 17 00:00:00 2001
From: nobody <nobody@zotlabs.com>
Date: Thu, 4 Feb 2021 15:33:51 -0800
Subject: [PATCH] apply escape flag to incoming zot6 content

---
 Zotlabs/Lib/Activity.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index 1aaa874b2..e812feaa0 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -3375,7 +3375,7 @@ class Activity {
 
 		if (array_path_exists('source/mediaType',$act) && array_path_exists('source/content',$act)) {
 			if ($act['source']['mediaType'] === 'text/bbcode') {
-				$content['bbcode'] = purify_html($act['source']['content']);
+				$content['bbcode'] = purify_html($act['source']['content'], [ 'escape'] );
 			}
 		}