Revert "Potential fix for code scanning alert no. 2: Reflected cross-site scripting"

Author: KyFaSt

pages/api/display-message.js

@@ -2,15 +2,6 @@
 // DO NOT USE IN PRODUCTION
 // This API endpoint demonstrates XSS vulnerabilities for CodeQL detection
 
-function escapeHtml(str) {
-  return String(str)
-    .replace(/&/g, '&')
-    .replace(/</g, '&lt;')
-    .replace(/>/g, '&gt;')
-    .replace(/"/g, '&quot;')
-    .replace(/'/g, '&#39;');
-}
-
 export default function handler(req, res) {
   const { message } = req.query;
 
@@ -29,7 +20,7 @@ export default function handler(req, res) {
       </head>
       <body>
         <h1>Your Message:</h1>
-        <div>${escapeHtml(message)}</div>
+        <div>${message}</div>
       </body>
     </html>
   `;