cyberpresidentvanellope/Polaris
1
0
Fork 0
mirror of https://github.com/PolarisSS13/Polaris.git synced 2025-12-29 19:43:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix HTML Injection bug in saycode

Browse Source
This commit is contained in:
ShadowLarkens
2020-04-24 16:17:51 -07:00
parent a51f92bf8a
commit abfc89982d
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
code/modules/mob/say.dm
View File

@@ -211,14 +211,14 @@
// There are a few things that will make us want to ignore all other languages in - namely, HIVEMIND languages.
var/datum/language/L = current[1]
if(L && (L.flags & HIVEMIND || L.flags & SIGNLANG))
return new /datum/multilingual_say_piece(L, trim(strip_prefixes(message)))
return new /datum/multilingual_say_piece(L, trim(sanitize(strip_prefixes(message))))
if(i + 1 > length(prefix_locations)) // We are out of lookaheads, that means the rest of the message is in cur lang
var/spoke_message = handle_autohiss(trim(copytext(message, current[3])), L)
var/spoke_message = sanitize(handle_autohiss(trim(copytext(message, current[3])), L))
. += new /datum/multilingual_say_piece(current[1], spoke_message)
else
var/next = prefix_locations[i + 1] // We look ahead at the next message to see where we need to stop.
var/spoke_message = handle_autohiss(trim(copytext(message, current[3], next[2])), L)
var/spoke_message = sanitize(handle_autohiss(trim(copytext(message, current[3], next[2])), L))
. += new /datum/multilingual_say_piece(current[1], spoke_message)
/* These are here purely because it would be hell to try to convert everything over to using the multi-lingual system at once */