From b14bbac0d28044b48e9c8b8828378a285606fa36 Mon Sep 17 00:00:00 2001
From: Tom Heller <thomas.heller@dynatrace.com>
Date: Wed, 16 Feb 2022 16:02:20 +0100
Subject: [PATCH] fix(core): Improved null check for sanitizer.

---
 .../core/src/util/sanitize.ts                 | 25 +++++++++++--------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/libs/barista-components/core/src/util/sanitize.ts b/libs/barista-components/core/src/util/sanitize.ts
index 08f4493fec..9fd216e7d3 100644
--- a/libs/barista-components/core/src/util/sanitize.ts
+++ b/libs/barista-components/core/src/util/sanitize.ts
@@ -15,6 +15,7 @@
  */
 import { SecurityContext } from '@angular/core';
 import { DomSanitizer } from '@angular/platform-browser';
+import { isObject } from './type-util';
 
 /** Sanitizes a nested object or string from malicious html code  */
 export const sanitize = <T extends {} | string>(
@@ -25,16 +26,18 @@ export const sanitize = <T extends {} | string>(
     return sanitizer.sanitize(SecurityContext.HTML, option) as T;
   }
 
-  Object.keys(option).forEach((key) => {
-    if (typeof option[key] === 'string') {
-      option[key] = sanitizer.sanitize(SecurityContext.HTML, option[key]);
-    } else if (Array.isArray(option[key])) {
-      option[key].forEach((item, i) => {
-        option[key][i] = sanitize(item, sanitizer);
-      });
-    } else if (typeof option[key] === 'object') {
-      option[key] = sanitize(option[key], sanitizer);
-    }
-  });
+  if (option && isObject(option)) {
+    Object.keys(option).forEach((key) => {
+      if (typeof option[key] === 'string') {
+        option[key] = sanitizer.sanitize(SecurityContext.HTML, option[key]);
+      } else if (Array.isArray(option[key])) {
+        option[key].forEach((item, i) => {
+          option[key][i] = sanitize(item, sanitizer);
+        });
+      } else if (typeof option[key] === 'object') {
+        option[key] = sanitize(option[key], sanitizer);
+      }
+    });
+  }
   return option;
 };