fix: strip all tags in chat

author xangelo <me@xangelo.ca>

Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)

committer xangelo <me@xangelo.ca>

Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)
author xangelo <me@xangelo.ca>
Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)
committer xangelo <me@xangelo.ca>
Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)
diff --git a/src/server/api.ts b/src/server/api.ts

index d8296fc1de79d513619a3aea18d65bdf2d920f3a..a0c4f45aab1e9f993c0e0ac1087e0a65d529ad4a 100644 (file)
--- a/src/server/api.ts
+++ b/src/server/api.ts
@@ -416,7 +416,9 @@ app.post('/chat', authEndpoint, async (req: AuthRequest, res: Response) => {
      }
    }
    else {
-    message = broadcastMessage(req.player.username, xss(msg));
+    message = broadcastMessage(req.player.username, xss(msg, {
+      whiteList: {}
+    }));
      chatHistory.push(message);
      chatHistory.slice(-10);
    }
author	xangelo <me@xangelo.ca>
	Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)
committer	xangelo <me@xangelo.ca>
	Mon, 21 Aug 2023 20:04:33 +0000 (16:04 -0400)