Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-01-03 14:20:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

use validator.escape

Browse Source
This commit is contained in:
barisusakli
2014-12-18 23:43:07 -05:00
parent 793a0a6772
commit 6a8a5a9de0
1 changed files with 1 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/middleware/middleware.js
View File

@@ -252,13 +252,6 @@ middleware.renderHeader = function(req, res, callback) {
navigation: custom_header.navigation,
allowRegistration: meta.config.allowRegistration === undefined || parseInt(meta.config.allowRegistration, 10) === 1,
searchEnabled: plugins.hasListeners('filter:search.query')
},
escapeList = {
'&': '&',
'<': '&lt;',
'>': '&gt;',
"'": '&apos;',
'"': '&quot;'
};
for (var key in res.locals.config) {
@@ -273,9 +266,7 @@ middleware.renderHeader = function(req, res, callback) {
return tag;
}
tag.content = tag.content.replace(/[&<>'"]/g, function(tag) {
return escapeList[tag] || tag;
});
tag.content = validator.escape(tag.content);
return tag;
});