From 236e8f638681ee3c69d3694f2fd45d6d572f5074 Mon Sep 17 00:00:00 2001
From: EETagent <vojta.jungmann@gmail.com>
Date: Tue, 17 Jan 2023 17:43:29 +0100
Subject: [PATCH] feat: sanitize grades too

---
 frontend/src/lib/@api/candidate.ts | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/frontend/src/lib/@api/candidate.ts b/frontend/src/lib/@api/candidate.ts
index 2b9da43..8f57938 100644
--- a/frontend/src/lib/@api/candidate.ts
+++ b/frontend/src/lib/@api/candidate.ts
@@ -3,7 +3,6 @@ import type {
 	BaseCandidate,
 	CandidateData,
 	CandidateLogin,
-	CreateCandidate
 } from '$lib/stores/candidate';
 import type { SubmissionProgress } from '$lib/stores/portfolio';
 import { API_URL, errorHandler, type Fetch } from '.';
@@ -92,6 +91,14 @@ export const apiFillDetails = async (data: CandidateData): Promise<CandidateData
 		// @ts-ignore
 		data.candidate[key] = DOMPurify.sanitize(data.candidate[key]);
 	});
+	// Sanitize grades data
+	for (let index = 0; index < data.candidate.grades.length; index++) {
+		Object.keys(data.candidate.grades[index]).forEach((key) => {
+			// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+			// @ts-ignore
+			data.candidate.grades[index][key] = DOMPurify.sanitize(data.candidate.grades[index][key]);
+		});
+	}
 	// Sanitize parents data
 	for (let index = 0; index < data.parents.length; index++) {
 		Object.keys(data.parents[index]).forEach((key) => {