mirror of
https://github.com/VOREStation/VOREStation.git
synced 2026-01-31 03:12:24 +00:00
137cb1fe26
With clever usage of some tools, users are able to send debug logs which will show to admins with the debug logs enabled. While this isn't an intended function, it is harmless if properly sanitized. Without sanitization, users could potentially send a phishing link through it with something like "CRITICAL FAILURE: SERVER CRASH IMMINENT! CLICK <HERE> TO VIEW CAUSE" and possibly set a fire under any maintainers ass and get them to click said link and cause them to fire off a command or be redirected to a website. This PR properly sanitizes the debug text to prevent that from happening, so if some dummy tries to use fancy phishing tricks it'll be obvious and they can properly be smited.