Escaping HTML in messages, verifying nicknames.
This commit is contained in:
Marat Fayzullin
parent
632c5e4437
commit
673aa186f1
|
|
@ -258,8 +258,10 @@ UI.recvChatMessage = function(nickname, text, color = 'white') {
|
||||||
toggle_panel('openwebrx-panel-log', true);
|
toggle_panel('openwebrx-panel-log', true);
|
||||||
|
|
||||||
divlog(
|
divlog(
|
||||||
'[<span class="nickname" style="color:' + color + ';">' + nickname
|
'[<span class="nickname" style="color:' + color + ';">'
|
||||||
+ '</span>]: ' + '<span class="chatmessage">' + text + '</span>'
|
+ Utils.htmlEscape(nickname) + '</span>]: '
|
||||||
|
+ '<span class="chatmessage">' + Utils.htmlEscape(text)
|
||||||
|
+ '</span>'
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@ from owrx.config import Config
|
||||||
from owrx.color import ColorCache
|
from owrx.color import ColorCache
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
import threading
|
import threading
|
||||||
|
import re
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
|
@ -31,7 +32,7 @@ class ClientRegistry(object):
|
||||||
self.clients = []
|
self.clients = []
|
||||||
self.bans = {}
|
self.bans = {}
|
||||||
self.chat = {}
|
self.chat = {}
|
||||||
self.chatCount = 0
|
self.chatCount = 1
|
||||||
self.chatColors = ColorCache()
|
self.chatColors = ColorCache()
|
||||||
Config.get().wireProperty("max_clients", self._checkClientCount)
|
Config.get().wireProperty("max_clients", self._checkClientCount)
|
||||||
super().__init__()
|
super().__init__()
|
||||||
|
|
@ -69,23 +70,27 @@ class ClientRegistry(object):
|
||||||
|
|
||||||
# Broadcast chat message to all connected clients.
|
# Broadcast chat message to all connected clients.
|
||||||
def broadcastChatMessage(self, client, text: str, name: str = None):
|
def broadcastChatMessage(self, client, text: str, name: str = None):
|
||||||
# Names have to be 3+ characters
|
# Names can only include alphanumerics
|
||||||
if name is not None and len(name) < 1:
|
if name is not None:
|
||||||
name = None
|
name = re.sub("\W+", "", name)
|
||||||
|
# If we have seen this client chatting before...
|
||||||
if client in self.chat:
|
if client in self.chat:
|
||||||
|
# Rename existing client as needed, keep color
|
||||||
curname = self.chat[client]["name"]
|
curname = self.chat[client]["name"]
|
||||||
color = self.chat[client]["color"]
|
color = self.chat[client]["color"]
|
||||||
if name is None or name == curname:
|
if not name or name == curname:
|
||||||
name = curname
|
name = curname
|
||||||
else:
|
else:
|
||||||
self.chatColors.rename(curname, name)
|
self.chatColors.rename(curname, name)
|
||||||
self.chat[client]["name"] = name
|
self.chat[client]["name"] = name
|
||||||
else:
|
else:
|
||||||
name = "User%d" % (self.chatCount + 1) if name is None else name
|
# Create name and color for a new client
|
||||||
|
name = "User%d" % self.chatCount if not name else name
|
||||||
color = self.chatColors.getColor(name)
|
color = self.chatColors.getColor(name)
|
||||||
self.chat[client] = { "name": name, "color": color }
|
self.chat[client] = { "name": name, "color": color }
|
||||||
self.chatCount = (self.chatCount + 1) % 9999
|
self.chatCount = self.chatCount + 1
|
||||||
|
|
||||||
|
# Broadcast message to all clients
|
||||||
for c in self.clients:
|
for c in self.clients:
|
||||||
c.write_chat_message(name, text, color)
|
c.write_chat_message(name, text, color)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue