Merge pull request #5065 from CHOMPStation2/upstream-merge-13825

[MIRROR] Sanitization
2025-12-12 03:02:54 +00:00 · 2022-10-02 23:01:42 -07:00
parent d7a36a1961 461c45b69b
commit bc11a71651
27 changed files with 81 additions and 51 deletions
--- a/code/modules/admin/verbs/randomverbs.dm
+++ b/code/modules/admin/verbs/randomverbs.dm
@@ -86,10 +86,14 @@
 	if (!holder)
 		return

-	var/msg = sanitize(tgui_input_text(usr, "Message:", text("Subtle PM to [M.key]")))
+	var/msg = tgui_input_text(usr, "Message:", text("Subtle PM to [M.key]"))

 	if (!msg)
 		return
+
+	if(!(msg[1] == "<" && msg[length(msg)] == ">")) //You can use HTML but only if the whole thing is HTML. Tries to prevent admin 'accidents'.
+		msg = sanitize(msg)
+
 	if(usr)
 		if (usr.client)
 			if(usr.client.holder)