Prevent HTML injection through /topic!!!!

Really big security issue here.
This commit is contained in:
PangeaCake 2015-01-21 19:04:01 -08:00
parent 890c751bb6
commit 6c852a849a

View File

@ -29,7 +29,7 @@ module.exports = function(irc, network) {
chan.topic = topic chan.topic = topic
client.emit("topic", { client.emit("topic", {
chan: chan.id, chan: chan.id,
topic: topic topic: _.escape(topic)
}); });
}); });
}; };