Yet more XSS fixing
This commit is contained in:
parent
b6e972da47
commit
b802d25ae5
|
@ -232,7 +232,7 @@ const viewMessage = m => {
|
|||
if (data.channel) {
|
||||
const color = intToHSL(getHash(data.channel.toString()))
|
||||
const style = "color: " + color;
|
||||
children.push([ "span", { ...cls("channel"), style }, data.channel ])
|
||||
children.push([ "span", { ...cls("channel"), style }, data.channel.toString() ])
|
||||
}
|
||||
if (data.message) {
|
||||
let text = JSON.stringify(data.message, null, "\t");
|
||||
|
|
|
@ -22,6 +22,7 @@ const wildcardChannel = "*"
|
|||
const messageLog = []
|
||||
|
||||
const broadcast = (wss, msg, sender) => {
|
||||
validateChannel(msg.channel);
|
||||
const toSend = {
|
||||
...msg,
|
||||
type: "message",
|
||||
|
|
Loading…
Reference in New Issue