Prevent HTML injection through /topic!!!!
Really big security issue here.
This commit is contained in:
parent
890c751bb6
commit
6c852a849a
|
@ -29,7 +29,7 @@ module.exports = function(irc, network) {
|
||||||
chan.topic = topic
|
chan.topic = topic
|
||||||
client.emit("topic", {
|
client.emit("topic", {
|
||||||
chan: chan.id,
|
chan: chan.id,
|
||||||
topic: topic
|
topic: _.escape(topic)
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue