Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-27 17:16:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

make sure validator.escape() receives strings only

Browse Source
This commit is contained in:
barisusakli
2016-08-27 15:45:15 +03:00
parent 431e7dd987
commit 07fe5057e1
20 changed files with 34 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/middleware/render.js
View File

@@ -81,7 +81,7 @@ module.exports = function(middleware) {
}
str = template + str;
var language = res.locals.config ? res.locals.config.userLang || 'en_GB' : 'en_GB';
language = req.query.lang ? validator.escape(req.query.lang) : language;
language = req.query.lang ? validator.escape(String(req.query.lang)) : language;
translator.translate(str, language, function(translated) {
translated = translator.unescape(translated);
translated = translated + '<script id="ajaxify-data" type="application/json">' + ajaxifyData + '</script>';