WebDev
/
VersaWhiteboard
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

prevent cross site scripting

This commit is contained in:
rofl256 2018-02-08 23:43:14 +01:00
parent 577e2969be
commit e1cd6fbb60
1 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
server.js
View File

@ -76,7 +76,26 @@ io.on('connection', function(socket){
});
socket.on('drawToWhiteboard', function(content) {
content = escapeAllContentStrings(content);
socket.broadcast.emit('drawToWhiteboard', content);
s_whiteboard.handleEventsAndData(content); //save whiteboardchanges on the server
});
});
});
//Prevent cross site scripting
function escapeAllContentStrings(content, cnt) {
if(!cnt)
cnt = 0;
if(typeof(content)=="string") {
return content.replace(/<\/?[^>]+(>|$)/g, "");
}
for(var i in content) {
if(typeof(content[i])=="string") {
content[i] = content[i].replace(/<\/?[^>]+(>|$)/g, "");
} if(typeof(content[i])=="object" && cnt < 10) {
content[i] = escapeAllContentStrings(content[i], ++cnt);
}
}
return content;
}