result = gexp_response.substring(0, breakpos-1);
the_message = gexp_response.substring(breakpos+1);
the_message = the_message.substring(0, the_message.indexOf('\n000'));
+
+ // Sanitize HTML in the message
+ the_message = the_message.replaceAll("&", "&");
the_message = the_message.replaceAll("<", "<");
the_message = the_message.replaceAll(">", ">");
- the_message = the_message.replaceAll("&", "&");
+
sender = extract_token(result.substring(4), 3, '|');
// Figure out which div to write it to...