From 0314a67ee9a5de6211991ecb12012d0ade3ec1b1 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Thu, 26 Nov 2015 10:51:25 +0100
Subject: [PATCH] Use content editable widget to prevent not wanted html
 injections.

---
 app/assets/javascripts/app/controllers/chat.coffee | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/assets/javascripts/app/controllers/chat.coffee b/app/assets/javascripts/app/controllers/chat.coffee
index 702908b3a..da34f17da 100644
--- a/app/assets/javascripts/app/controllers/chat.coffee
+++ b/app/assets/javascripts/app/controllers/chat.coffee
@@ -294,6 +294,12 @@ class ChatWindow extends App.Controller
     if event.data and event.data.callback
       event.data.callback()
 
+    @$('.js-customerChatInput').ce({
+      mode:      'richtext'
+      multiline: true
+      maxlength: 40000
+    })
+
   close: =>
     @el.one 'transitionend', { callback: @release }, @onTransitionend
     @el.removeClass('is-open')