Prevent HTML injection through /topic!!!!
Really big security issue here.
This commit is contained in:
parent
890c751bb6
commit
6c852a849a
@ -29,7 +29,7 @@ module.exports = function(irc, network) {
|
||||
chan.topic = topic
|
||||
client.emit("topic", {
|
||||
chan: chan.id,
|
||||
topic: topic
|
||||
topic: _.escape(topic)
|
||||
});
|
||||
});
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user