mirror of
https://github.com/s00500/nodeMessageBoard.git
synced 2024-11-21 23:20:53 +00:00
Added html escaping
This commit is contained in:
parent
d1a2c2231d
commit
3938535404
14
server.js
14
server.js
@ -31,6 +31,18 @@ function ucs2Parse(ucs2){
|
||||
return returnString;
|
||||
}
|
||||
|
||||
// utility function for escaping HTML tags
|
||||
function escapeHtml(unsafe) {
|
||||
return unsafe
|
||||
.replace(/&/g, "&")
|
||||
.replace(/</g, "<")
|
||||
.replace(/>/g, ">")
|
||||
.replace(/"/g, """)
|
||||
.replace(/'/g, "'");
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
// handle contains locations to browse to (vote and poll); pathnames.
|
||||
function startServer(route,handle,debug)
|
||||
@ -139,7 +151,7 @@ function serialListener(debug)
|
||||
if (color == null)color = 0;//no messages yet
|
||||
color++;
|
||||
if(color > 4) color = 0;
|
||||
var messageRecieved = ucs2Parse(data);
|
||||
var messageRecieved = escapeHtml(ucs2Parse(data));
|
||||
db('messages').push({ numberString: numberStringRecieved,number: numberRecieved, time: timeRecieved, message: messageRecieved,color: color });
|
||||
//add a new message to the board directly
|
||||
socketServer.emit('newMessage', timeRecieved, numberRecieved, convert(messageRecieved),color);
|
||||
|
Loading…
Reference in New Issue
Block a user