From 3edd6622df873d97b9e70226ec9bd594db4e696d Mon Sep 17 00:00:00 2001
From: Arpit Jalan
Date: Mon, 16 Apr 2018 01:07:47 +0530
Subject: [PATCH] SECURITY: santize tags when creating new topic via URL

---
 .../javascripts/discourse/controllers/composer.js.es6 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/discourse/controllers/composer.js.es6 b/app/assets/javascripts/discourse/controllers/composer.js.es6
index d08f59c9f4b..df41d58a0a9 100644
--- a/app/assets/javascripts/discourse/controllers/composer.js.es6
+++ b/app/assets/javascripts/discourse/controllers/composer.js.es6
@@ -696,7 +696,12 @@ export default Ember.Controller.extend({
     }
 
     if (opts.topicTags && !this.site.mobileView && this.site.get('can_tag_topics')) {
-      this.set('model.tags', opts.topicTags.split(","));
+      const self = this;
+      let tags = escapeExpression(opts.topicTags).split(",").slice(0, self.siteSettings.max_tags_per_topic);
+      tags.forEach(function(tag, index, array) {
+        array[index] = tag.substring(0, self.siteSettings.max_tag_length);
+      });
+      self.set('model.tags', tags);
     }
 
     if (opts.topicBody) {
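Review bot: The per-tag truncation runs after `escapeExpression` has already rewritten the whole string, so an escaped character such as `&amp;` for `&` counts toward `max_tag_length` and `tag.substring(0, ...)` can cut it mid-entity, leaving a fragment like `&am` in the stored tag; storing HTML-escaped text in `model.tags` may also double-escape if the tag is later rendered through a template that escapes again (hedged: depends on how the tag list is rendered). A cleaner order is to split, trim and drop empty entries, truncate each tag, and only then escape: `const { max_tags_per_topic, max_tag_length } = this.siteSettings;` / `const tags = opts.topicTags.split(",").map(t => t.trim()).filter(Boolean).slice(0, max_tags_per_topic).map(t => escapeExpression(t.substring(0, max_tag_length)));` / `this.set('model.tags', tags);`. This also removes the `const self = this` plus in-place `forEach` mutation, since the file is ES6 and an arrow function keeps `this`. Because this check lives only in the browser, the server must enforce the tag count, length and character rules independently; this change reduces what the composer displays but is not a security boundary on its own. The enclosing method starts and ends outside the hunk, so the rest of the `opts` handling is not visible here.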