1 files changed, 4 insertions, 4 deletions

diff --git a/public/assets/js/lib/views/details/settings.js b/public/assets/js/lib/views/details/settings.js
index c8e53db..a7dd050 100644
--- a/public/assets/js/lib/views/details/settings.js
+++ b/public/assets/js/lib/views/details/settings.js
@@ -42,7 +42,7 @@ var ThreadSettingsForm = FormView.extend({
 
     this.$(".close_link").attr("href", "/details/" + thread.id)
     this.$(".metadata").html(metadata(thread))
-    this.$("[name=title]").val(sanitize(thread.title))
+    this.$("[name=title]").val(thread.title)
 
     this.$("[name=hootbox]").prop("checked", !!thread.settings.hootbox)
     this.$("[name=shorturls]").prop("checked", !!thread.settings.shorturls)
@@ -130,7 +130,7 @@ var ThreadSettingsForm = FormView.extend({
     var usernames = this.$('[name=allowed_field]').val().replace(/,/g, ' ').split(' ').map(s => s.trim()).filter(s => !! s)
     this.$('[name=allowed_field]').val('')
     usernames = usernames.filter( (name) => this.allowed.indexOf(name) === -1 )
-      .map( (name) => sanitize(name) )
+      .map( (name) => sanitizeHTML(name) )
     $.ajax({
       method: "PUT",
       url: "/api/checkUsernames",
@@ -216,7 +216,7 @@ var ThreadSettingsForm = FormView.extend({
     var id = data.thread.id
     var comment_count = (data.comments || []).length
     var file_count = (data.files || []).length
-    var msg = "Are you sure you want to delete this thread?\n\n#" + id + ' "' + sanitize(data.thread.title) + '"'
+    var msg = "Are you sure you want to delete this thread?\n\n#" + id + ' "' + sanitizeHTML(data.thread.title) + '"'
     msg += " + " + comment_count + " comment" + courtesy_s(comment_count)
     if ( file_count) msg += " + " + file_count + " file" + courtesy_s(file_count)
     var should_remove = confirm(msg)
@@ -244,7 +244,7 @@ var ThreadSettingsForm = FormView.extend({
     var data = this.options.parent.data
     var file = data.files.find(f => f.id === file_id)
     if (! file) return
-    var msg = "Are you sure you want to delete this file?\n\n#" + file_id + ' "' + sanitize(file.filename) + '"'
+    var msg = "Are you sure you want to delete this file?\n\n#" + file_id + ' "' + sanitizeHTML(file.filename) + '"'
     var should_remove = confirm(msg)
     if (should_remove) {
       $.ajax({