From 53c93df9e3ace638c7706001b3d8b5a8829bf4bb Mon Sep 17 00:00:00 2001
From: raphael <raphael.fritsch@reutlingen-university.de>
Date: Tue, 25 Jun 2019 14:15:44 +0200
Subject: [PATCH] escape file upload fields

---
 server.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server.js b/server.js
index 33f34f3..694e47d 100644
--- a/server.js
+++ b/server.js
@@ -89,7 +89,7 @@ app.post('/upload', function (req, res) { //File upload
 
 function progressUploadFormData(formData) {
     console.log("Progress new Form Data");
-    var fields = formData.fields;
+    var fields = escapeAllContentStrings(formData.fields);
     var files = formData.files;
     var whiteboardId = fields["whiteboardId"];
 
@@ -122,7 +122,7 @@ io.on('connection', function (socket) {
     var whiteboardId = null;
 
     socket.on('disconnect', function () {
-        if(smallestScreenResolutions && smallestScreenResolutions[whiteboardId] && socket && socket.id) {
+        if (smallestScreenResolutions && smallestScreenResolutions[whiteboardId] && socket && socket.id) {
             delete smallestScreenResolutions[whiteboardId][socket.id];
         }
         socket.broadcast.emit('refreshUserBadges', null); //Removes old user Badges