From ebfcbbff9c75ee3e3009b04ba5388c33f2d7e8da Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Fri, 13 Mar 2020 19:09:22 +0000
Subject: [PATCH] Use innerText instead of innerHTML

---
 synapse/res/templates/saml_error.html | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/synapse/res/templates/saml_error.html b/synapse/res/templates/saml_error.html
index 223d3a74bc..bfd6449c5d 100644
--- a/synapse/res/templates/saml_error.html
+++ b/synapse/res/templates/saml_error.html
@@ -37,7 +37,8 @@
         // to print one.
         let errorDesc = new URLSearchParams(searchStr).get("error_description")
         if (errorDesc) {
-            document.getElementById("errormsg").innerHTML = ` ("${errorDesc}")`;
+
+            document.getElementById("errormsg").innerText = ` ("${errorDesc}")`;
         }
     </script>
 </body>
-- 
GitLab