specter/CyTube
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Disallow ASCII control characters in messages

Browse source
This commit is contained in:
calzoneman 2014-08-29 15:47:56 -05:00
parent 2a8b94e26a
commit 484b695965
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/channel/chat.js
View file

@ -116,7 +116,13 @@ ChatModule.prototype.handleChatMsg = function (user, data) {
return;
}
data.msg = data.msg.substring(0, 240);
// Limit to 240 characters, disallow all ASCII control characters except tab (\t)
data.msg = data.msg.substring(0, 240).replace(/[\x00-\x08\x0a-\x1f]+/g, " ");
// Disallow blankposting
if (!data.msg) {
return;
}
if (!user.is(Flags.U_LOGGED_IN)) {
return;