Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 03:55:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixes potential XSS in usercard

Browse Source
This commit is contained in:
psychobunny
2016-03-21 08:58:59 -04:00
parent cccc64ef90
commit 294171b072
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/posts/user.js
View File

@@ -1,6 +1,7 @@
'use strict';
var async = require('async'),
validator = require('validator'),
db = require('../database'),
user = require('../user'),
@@ -69,6 +70,8 @@ module.exports = function(Posts) {
userData.picture = userData.picture || '';
userData.status = user.getStatus(userData);
userData.groupTitle = results.groupTitles[i].groupTitle;
userData.signature = validator.escape(userData.signature || '');
userData.fullname = validator.escape(userData.fullname || '');
});
async.map(userData, function(userData, next) {