From 1b1eba172ed9dd49deeb94002337f429943bc375 Mon Sep 17 00:00:00 2001
From: Michael Babker <michael.babker@gmail.com>
Date: Mon, 22 Jan 2018 08:54:53 -0600
Subject: [PATCH] Filter PR body text when pulling from GitHub

---
 .../com_patchtester/PatchTester/Model/PullsModel.php        | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/administrator/components/com_patchtester/PatchTester/Model/PullsModel.php b/administrator/components/com_patchtester/PatchTester/Model/PullsModel.php
index aa5a752..89b3806 100644
--- a/administrator/components/com_patchtester/PatchTester/Model/PullsModel.php
+++ b/administrator/components/com_patchtester/PatchTester/Model/PullsModel.php
@@ -8,6 +8,7 @@
 
 namespace PatchTester\Model;
 
+use Joomla\CMS\Filter\InputFilter;
 use Joomla\CMS\Pagination\Pagination;
 use Joomla\Registry\Registry;
 use PatchTester\GitHub\Exception\UnexpectedResponse;
@@ -370,7 +371,8 @@ class PullsModel extends \JModelDatabase
 			return array('complete' => true);
 		}
 
-		$data = array();
+		$data   = array();
+		$filter = InputFilter::getInstance();
 
 		foreach ($pulls as $pull)
 		{
@@ -396,7 +398,7 @@ class PullsModel extends \JModelDatabase
 				$pullData = array(
 					(int) $pull->number,
 					$this->getDb()->quote(\JHtml::_('string.truncate', $pull->title, 150)),
-					$this->getDb()->quote(\JHtml::_('string.truncate', $pull->body, 100)),
+					$this->getDb()->quote(\JHtml::_('string.truncate', $filter->clean($pull->body, 'raw'), 100)),
 					$this->getDb()->quote($pull->pull_request->html_url),
 					(int) $isRTC,
 					$this->getDb()->quote($branch),