Merge pull request #9796 from Citinited/no-goatse-in-chat-pls

[s] Fixes a way to circumvent banned HTML tag check
This commit is contained in:
Crazy Lemon
2018-10-09 19:16:47 -07:00
committed by GitHub
@@ -248,7 +248,7 @@
But I like HTML, so back to no sanitizing.*/
var/message = interpreter.GetVar("$content")
var/regex/bannedTags = new ("(<script|<iframe|<video|<audio|<embed|<svg)")
var/regex/bannedTags = new ("(<script|<iframe|<video|<audio|<embed|<svg)", "i")
if(bannedTags.Find(message)) //uh oh
message_admins("Warning: Current Telecomms script contains banned html. Stripping message.")
log_admin("Warning: Current Telecomms script contains banned html. Stripping message.")