From 46755f909ce635b3593c11ee8f6eda99ab519786 Mon Sep 17 00:00:00 2001
From: Markus Frindt
Date: Tue, 5 Dec 2023 16:06:04 +0100
Subject: [PATCH] do not escape req.body.tag (#559)
Co-authored-by: Markus Frindt
---
 lib/http-routes/schemas/create-call.js | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/lib/http-routes/schemas/create-call.js b/lib/http-routes/schemas/create-call.js
index ff9314aa..a36ebbe4 100644
--- a/lib/http-routes/schemas/create-call.js
+++ b/lib/http-routes/schemas/create-call.js
@@ -116,12 +116,9 @@ const customSanitizeFunction = (value) => {
 /* trims characters at the beginning and at the end of a string */
 value = value.trim();
- /* We don't escape URLs but verify them via new URL */
+ /* Verify strings including 'http' via new URL */
 if (value.includes('http')) {
 value = new URL(value).toString();
- } else {
- /* replaces <, >, &, ', " and / with their corresponding HTML entities */
- value = escape(value);
 }
 }
 } catch (error) {
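Review bot: With the `else` branch removed, every string that does not contain 'http' now leaves `customSanitizeFunction` only trimmed, although the commit title scopes the change to `req.body.tag`. If this sanitizer also runs on other body fields (not visible in the hunk), they lose HTML-entity escaping as well. Either keep `escape(value)` as the default and skip it only for the tag field, or record the new contract next to the remaining branch, e.g. `/* Values are returned unescaped; any consumer rendering them as HTML must encode on output */`. The remaining check is also loose: `value.includes('http')` matches the substring anywhere in the string and `new URL` accepts any scheme, so a protocol allow-list such as `if (!['http:', 'https:'].includes(new URL(value).protocol)) throw new Error('unsupported URL scheme');` would make the comment's "verify" accurate. The function starts before and continues after this hunk, so what the `catch` does with a rejected value is not visible here.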