From 09ed7fe283a1b07d2b287cb73370319618fa5a44 Mon Sep 17 00:00:00 2001
From: Neil Lalonde
Date: Thu, 16 Jan 2014 16:12:34 -0500
Subject: [PATCH] Sanitize your bio after you save it and render it to yourself.
---
 .../javascripts/discourse/controllers/preferences_controller.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/assets/javascripts/discourse/controllers/preferences_controller.js b/app/assets/javascripts/discourse/controllers/preferences_controller.js
index 32c5805cc62..eae0af1e31b 100644
--- a/app/assets/javascripts/discourse/controllers/preferences_controller.js
+++ b/app/assets/javascripts/discourse/controllers/preferences_controller.js
@@ -63,7 +63,7 @@ Discourse.PreferencesController = Discourse.ObjectController.extend({
 if (Discourse.User.currentProp('id') === model.get('id')) {
 Discourse.User.currentProp('name', model.get('name'));
 }
- self.set('bio_cooked', Discourse.Markdown.cook(self.get('bio_raw')));
+ self.set('bio_cooked', Discourse.Markdown.cook(Discourse.Markdown.sanitize(self.get('bio_raw'))));
 self.set('saved', true);
 }, function() {
 // model failed to save
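Review bot: On the added `self.set('bio_cooked', …)` line the sanitizer runs on the raw Markdown before `cook`, so the HTML that `cook` itself generates (for example link and image attributes built from Markdown syntax) reaches `bio_cooked` without passing through `sanitize`. Unless `cook` already sanitizes its own output, which is not visible in this hunk, the safer order is to sanitize the rendered HTML: `self.set('bio_cooked', Discourse.Markdown.sanitize(Discourse.Markdown.cook(self.get('bio_raw'))));`. Sanitizing the raw text first may also alter legitimate Markdown such as angle brackets inside code spans, so the local preview could differ from what the server renders. A short comment on this line stating which step is the trust boundary would help, and a test that saves a bio containing raw HTML and checks the resulting `bio_cooked` would pin the behaviour. The save callback starts and ends outside the hunk, so how `bio_cooked` is inserted into the template could not be checked here.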