tobast/glowingbear-mainbox
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

plugins: sanitize user input before passing it to plugins

Browse source
This commit is contained in:
David Cormier 2015-10-16 15:13:53 -04:00
parent 94f5445742
commit 0afa7bc184
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
js/plugins.js
View file

@ -57,7 +57,7 @@ var UrlPlugin = function(name, urlCallback) {
* to display when messages are received.
*
*/
plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) {
plugins.service('plugins', ['userPlugins', '$sce', '$sanitize', function(userPlugins, $sce, $sanitize) {
/*
* Defines the plugin manager object
@ -85,7 +85,7 @@ plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) {
*/
var contentForMessage = function(message) {
message.metadata = [];
message.text = $sanitize(message.text);
var addPluginContent = function(content, pluginName, num) {
if (num) {
pluginName += " " + num;
@ -110,7 +110,9 @@ plugins.service('plugins', ['userPlugins', '$sce', function(userPlugins, $sce) {
nsfw = true;
}
var pluginContent = plugins[i].contentForMessage(message.text);
var pluginContent = plugins[i].contentForMessage(
message.text
);
if (pluginContent && pluginContent !== []) {
if (pluginContent instanceof Array) {