gui: Show messages as text not html

Currently, error messages (such as InitError) are displayed as-is, which means Qt does auto detection on the format. This means that it's possible to inject HTML from the command line though e.g. specifying a wallet name with HTML in it. This isn't a direct security risk because fetching content from internet is disabled (and as far as I know we never report strings received from the network this way). However, it can be confusing. So explicitly force the format as text. Github-Pull: #12617 Rebased-From: 6fbc0986fa2d49a1cb65b60eca71c25c84842a54
author: Wladimir J. van der Laan <laanwj@gmail.com> 2018-03-06 16:39:45 +0100
committer: MarcoFalke <falke.marco@gmail.com> 2018-07-13 13:33:58 -0400
commit: 21dd5127a423f38712dcdcef4002e714e8276bd2 (patch)
tree: 5f17dc61a7de41b5b528f673a8f3d6a9ad85f4ee
parent: f78e7f6589eca50650ecd2010c41333b12f964b0 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/qt/bitcoingui.cpp b/src/qt/bitcoingui.cpp
index 09ae8b1c68..14ea9d75e4 100644
--- a/src/qt/bitcoingui.cpp
+++ b/src/qt/bitcoingui.cpp
@@ -923,6 +923,7 @@ void BitcoinGUI::message(const QString &title, const QString &message, unsigned
 
         showNormalIfMinimized();
         QMessageBox mBox((QMessageBox::Icon)nMBoxIcon, strTitle, message, buttons, this);
+        mBox.setTextFormat(Qt::PlainText);
         int r = mBox.exec();
         if (ret != nullptr)
             *ret = r == QMessageBox::Ok;
author	Wladimir J. van der Laan <laanwj@gmail.com>	2018-03-06 16:39:45 +0100
committer	MarcoFalke <falke.marco@gmail.com>	2018-07-13 13:33:58 -0400
commit	21dd5127a423f38712dcdcef4002e714e8276bd2 (patch)
tree	5f17dc61a7de41b5b528f673a8f3d6a9ad85f4ee
parent	f78e7f6589eca50650ecd2010c41333b12f964b0 (diff)