From 48feaf10ff76a51828d656a4acef4c0dd09eb775 Mon Sep 17 00:00:00 2001
From: kubeeek
Date: Sun, 15 Mar 2020 19:23:28 +0100
Subject: [PATCH] Added simple sanitization of input
---
 client/html/js/default.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/client/html/js/default.js b/client/html/js/default.js
index 3f06cec..8682cc1 100644
--- a/client/html/js/default.js
+++ b/client/html/js/default.js
@@ -42,6 +42,8 @@ function pushMessage(text, color = 'white', gradient = false, icon = false) {
 if (text.length < 1) return;
 if (gradient !== false && Array.isArray(gradient) === false) return;
+ text = text.replace(/[<>]/gi, "");
+
 let style = `color:${color};`
 if (gradient)
@@ -180,4 +182,4 @@ alt.on('chat:sendInput', sendInput);
 alt.on('chat:scrollMessagesList', scrollMessagesList);
 alt.on('chat:addInputToHistory', addInputToHistory);
 alt.on('chat:shiftHistoryUp', shiftHistoryUp);
-alt.on('chat:shiftHistoryDown', shiftHistoryDown);
\ No newline at end of file
+alt.on('chat:shiftHistoryDown', shiftHistoryDown);
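Review bot: The new `text.replace(/[<>]/gi, "")` in pushMessage covers only `text`, while `color` is still interpolated unchanged into `style` on the following statement; the rest of the function lies outside this hunk, but if it assembles the message as an HTML string, a quote character in `color` (or unchecked `gradient`/`icon` values) would presumably still reach the markup. Deleting the characters also alters legitimate messages such as `a < b`, and because the `text.length < 1` guard runs before the replace, a message consisting only of angle brackets is now pushed as an empty string. Prefer escaping over stripping, e.g. `text = text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');`, or assign the message through `textContent` if the rendering code allows it, and validate `color` against the expected colour format before building `style`. The `i` flag has no effect on the `[<>]` character class and can be dropped.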