eeva/jamulus
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Escape server and user names in the status HTML.

Browse source
This commit is contained in:
Adam Sampson 2020-06-20 16:43:18 +01:00
parent d6759e4d92
commit c9516f1962
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/server.cpp
View file

@ -1590,7 +1590,7 @@ void CServer::WriteHTMLChannelList()
} }
QTextStream streamFileOut ( &serverFileListFile ); QTextStream streamFileOut ( &serverFileListFile );
streamFileOut << strServerNameWithPort << endl << "<ul>" << endl; streamFileOut << strServerNameWithPort.toHtmlEscaped() << endl << "<ul>" << endl;
// depending on number of connected clients write list // depending on number of connected clients write list
if ( GetNumberOfConnectedClients() == 0 ) if ( GetNumberOfConnectedClients() == 0 )
@ -1605,7 +1605,7 @@ void CServer::WriteHTMLChannelList()
{ {
if ( vecChannels[i].IsConnected() ) if ( vecChannels[i].IsConnected() )
{ {
streamFileOut << " <li>" << vecChannels[i].GetName() << "</li>" << endl; streamFileOut << " <li>" << vecChannels[i].GetName().toHtmlEscaped() << "</li>" << endl;
} }
} }
} }