Skip to content

Commit

Permalink
properly escape chat input
Browse files Browse the repository at this point in the history
  • Loading branch information
xLuxy committed Sep 21, 2023
1 parent c83d296 commit 211834c
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 7 deletions.
17 changes: 15 additions & 2 deletions chat/client/html/app.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,29 @@ let msgInputLine = null;

if (window.alt === undefined) {
window.alt = {
emit: () => {},
on: () => {},
emit: () => { },
on: () => { },
};
}

function escapeString(str) {
if (typeof str !== "string") return str;

return str
.replace(/&/g, "&")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#39;");
}

function colorify(text) {
let matches = [];
let m = null;
let curPos = 0;

text = escapeString(text);

do {
m = /\{[A-Fa-f0-9]{3}\}|\{[A-Fa-f0-9]{6}\}/g.exec(text.substr(curPos));

Expand Down
21 changes: 16 additions & 5 deletions freeroam-extended/client/html/app.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,25 @@ let msgInputLine = null;

if (window.alt === undefined) {
window.alt = {
emit: () => {},
on: () => {},
emit: () => { },
on: () => { },
};
}

function escapeString(str) {
if (typeof str !== "string") return str;

return str
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#39;");
}

function colorify(text) {
if (text && typeof text === 'string') text = text.replace(/[<>]/g, '');
text = escapeString(text);

let matches = [];
let m = null;
let curPos = 0;
Expand Down Expand Up @@ -207,7 +218,7 @@ function setVoiceConnectionState(state) {
el.classList.remove(".voice-connection-status-connecting");

let stateText = "Disconnected"
switch(state) {
switch (state) {
case 0:
stateText = "Disconnected"
el.classList.add(".voice-connection-status-disconnected")
Expand Down

0 comments on commit 211834c

Please sign in to comment.