mirror of https://github.com/calzoneman/sync.git
Change sanitize-html back to the upstream module
This commit is contained in:
parent
a56f0d5b10
commit
d65cf1beef
11
NEWS.md
11
NEWS.md
|
@ -1,3 +1,14 @@
|
|||
2017-03-03
|
||||
==========
|
||||
|
||||
The dependency on `sanitize-html`, which previously pointed to a fork, has now
|
||||
been switched back to the upstream module. XSS filtering has been turned off
|
||||
for the chat filter replacement itself (since this provides no additional
|
||||
security), and is now only run on the final chat message after filtering.
|
||||
Certain chat filters and MOTDs which relied on syntactically incorrect HTML,
|
||||
such as unclosed tags, may have different behavior now, since `sanitize-html`
|
||||
fixes these.
|
||||
|
||||
2016-11-02
|
||||
==========
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"author": "Calvin Montgomery",
|
||||
"name": "CyTube",
|
||||
"description": "Online media synchronizer and chat",
|
||||
"version": "3.30.4",
|
||||
"version": "3.31.0",
|
||||
"repository": {
|
||||
"url": "http://github.com/calzoneman/sync"
|
||||
},
|
||||
|
@ -38,7 +38,7 @@
|
|||
"pug": "^2.0.0-beta3",
|
||||
"q": "^1.4.1",
|
||||
"redis": "^2.4.2",
|
||||
"sanitize-html": "git://github.com/calzoneman/sanitize-html",
|
||||
"sanitize-html": "^1.14.1",
|
||||
"serve-static": "^1.10.0",
|
||||
"socket.io": "^1.4.0",
|
||||
"socket.io-redis": "^1.0.0",
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
var FilterList = require("cytubefilters");
|
||||
var ChannelModule = require("./module");
|
||||
var XSS = require("../xss");
|
||||
var Logger = require("../logger");
|
||||
|
||||
/*
|
||||
|
@ -22,7 +21,6 @@ function validateFilter(f) {
|
|||
}
|
||||
|
||||
f.replace = fixReplace(f.replace.substring(0, 1000));
|
||||
f.replace = XSS.sanitizeHTML(f.replace);
|
||||
f.flags = f.flags.substring(0, 4);
|
||||
|
||||
try {
|
||||
|
|
Loading…
Reference in New Issue