tobast/glowingbear-mainbox
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

plugins: sanitize user input before passing it to plugins

Browse source
This commit is contained in:
David Cormier 2015-10-16 15:13:53 -04:00
parent 94f5445742
commit 0afa7bc184
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
js/plugins.js
View file

@ -57,7 +57,7 @@ var UrlPlugin = function(name, urlCallback) {
* to display when messages are received. * to display when messages are received.
* *
*/ */
plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) { plugins.service('plugins', ['userPlugins', '$sce', '$sanitize', function(userPlugins, $sce, $sanitize) {
/* /*
* Defines the plugin manager object * Defines the plugin manager object
@ -85,7 +85,7 @@ plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) {
*/ */
var contentForMessage = function(message) { var contentForMessage = function(message) {
message.metadata = []; message.metadata = [];
message.text = $sanitize(message.text);
var addPluginContent = function(content, pluginName, num) { var addPluginContent = function(content, pluginName, num) {
if (num) { if (num) {
pluginName += " " + num; pluginName += " " + num;
@ -110,7 +110,9 @@ plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) {
nsfw = true; nsfw = true;
} }
var pluginContent = plugins[i].contentForMessage(message.text); var pluginContent = plugins[i].contentForMessage(
message.text
);
if (pluginContent && pluginContent !== []) { if (pluginContent && pluginContent !== []) {
if (pluginContent instanceof Array) { if (pluginContent instanceof Array) {