From 6d59dbdfefd87a6f4daf0300c8ae242a4ad2726e Mon Sep 17 00:00:00 2001 From: ShadowLarkens Date: Fri, 24 Apr 2020 16:10:31 -0700 Subject: [PATCH] Fixed multilingualism breaking ' and " in chat, and prevent html injection --- code/modules/mob/living/say.dm | 5 +++++ code/modules/mob/say.dm | 7 +++---- code/modules/mob/say_vr.dm | 7 +++++++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/code/modules/mob/living/say.dm b/code/modules/mob/living/say.dm index bd332f61f9..a67e608549 100644 --- a/code/modules/mob/living/say.dm +++ b/code/modules/mob/living/say.dm @@ -172,6 +172,11 @@ proc/get_radio_key_from_channel(var/channel) //Clean up any remaining space on the left message = trim_left(message) + // VOREStation Edit - Reflect messages as needed, no sanitizing because parse_languages will handle it for us + if(reflect_if_needed(message, src)) + return + // VOREStation Edit End + //Parse the language code and consume it var/list/message_pieces = parse_languages(message) if(istype(message_pieces, /datum/multilingual_say_piece)) // Little quark for dealing with hivemind/signlang languages. diff --git a/code/modules/mob/say.dm b/code/modules/mob/say.dm index fce88e43df..dcc8508800 100644 --- a/code/modules/mob/say.dm +++ b/code/modules/mob/say.dm @@ -12,7 +12,6 @@ set category = "IC" set_typing_indicator(FALSE) - message = sanitize_or_reflect(message, src) //VOREStation Edit - Reflect too-long messages, within reason usr.say(message) /mob/verb/me_verb(message as text) @@ -216,14 +215,14 @@ // There are a few things that will make us want to ignore all other languages in - namely, HIVEMIND languages. var/datum/language/L = current[1] if(L && (L.flags & HIVEMIND || L.flags & SIGNLANG)) - return new /datum/multilingual_say_piece(L, trim(strip_prefixes(message))) + return new /datum/multilingual_say_piece(L, trim(sanitize(strip_prefixes(message)))) if(i + 1 > length(prefix_locations)) // We are out of lookaheads, that means the rest of the message is in cur lang - var/spoke_message = handle_autohiss(trim(copytext(message, current[3])), L) + var/spoke_message = sanitize(handle_autohiss(trim(copytext(message, current[3])), L)) . += new /datum/multilingual_say_piece(current[1], spoke_message) else var/next = prefix_locations[i + 1] // We look ahead at the next message to see where we need to stop. - var/spoke_message = handle_autohiss(trim(copytext(message, current[3], next[2])), L) + var/spoke_message = sanitize(handle_autohiss(trim(copytext(message, current[3], next[2])), L)) . += new /datum/multilingual_say_piece(current[1], spoke_message) /* These are here purely because it would be hell to try to convert everything over to using the multi-lingual system at once */ diff --git a/code/modules/mob/say_vr.dm b/code/modules/mob/say_vr.dm index bd81c9b347..05642705a1 100644 --- a/code/modules/mob/say_vr.dm +++ b/code/modules/mob/say_vr.dm @@ -84,6 +84,13 @@ else return message +// returns true if it failed +/proc/reflect_if_needed(message, user) + if(length(message) > MAX_HUGE_MESSAGE_LEN) + fail_to_chat(user) + return TRUE + return FALSE + /proc/fail_to_chat(user,message) if(!message) to_chat(user, "Your message was NOT SENT, either because it was FAR too long, or sanitized to nothing at all.")