escape messages where appropriate; refs #350

Jakob Ketterl 2023-08-22 01:53:47 +02:00
parent e20d94e241
commit 817ee4a670


@ -47,6 +47,10 @@ MessagePanel.prototype.initClearButton = function() {
$(me.el).append(me.clearButton); $(me.el).append(me.clearButton);
}; };
MessagePanel.prototype.htmlEscape = function(input) {
return $('<div/>').text(input).html()
}
function WsjtMessagePanel(el) { function WsjtMessagePanel(el) {
MessagePanel.call(this, el); MessagePanel.call(this, el);
this.initClearTimer(); this.initClearTimer();
@ -85,23 +89,19 @@ WsjtMessagePanel.prototype.pushMessage = function(msg) {
var linkedmsg = msg['msg']; var linkedmsg = msg['msg'];
var matches; var matches;
var html_escape = function(input) {
return $('<div/>').text(input).html()
};
if (this.qsoModes.indexOf(msg['mode']) >= 0) { if (this.qsoModes.indexOf(msg['mode']) >= 0) {
matches = linkedmsg.match(/(.*\s[A-Z0-9]+\s)([A-R]{2}[0-9]{2})$/); matches = linkedmsg.match(/(.*\s[A-Z0-9]+\s)([A-R]{2}[0-9]{2})$/);
if (matches && matches[2] !== 'RR73') { if (matches && matches[2] !== 'RR73') {
linkedmsg = html_escape(matches[1]) + '<a href="map?locator=' + matches[2] + '" target="openwebrx-map">' + matches[2] + '</a>'; linkedmsg = this.htmlEscape(matches[1]) + '<a href="map?locator=' + matches[2] + '" target="openwebrx-map">' + matches[2] + '</a>';
} else { } else {
linkedmsg = html_escape(linkedmsg); linkedmsg = this.htmlEscape(linkedmsg);
} }
} else if (this.beaconModes.indexOf(msg['mode']) >= 0) { } else if (this.beaconModes.indexOf(msg['mode']) >= 0) {
matches = linkedmsg.match(/([A-Z0-9]*\s)([A-R]{2}[0-9]{2})(\s[0-9]+)/); matches = linkedmsg.match(/([A-Z0-9]*\s)([A-R]{2}[0-9]{2})(\s[0-9]+)/);
if (matches) { if (matches) {
linkedmsg = html_escape(matches[1]) + '<a href="map?locator=' + matches[2] + '" target="openwebrx-map">' + matches[2] + '</a>' + html_escape(matches[3]); linkedmsg = this.htmlEscape(matches[1]) + '<a href="map?locator=' + matches[2] + '" target="openwebrx-map">' + matches[2] + '</a>' + this.htmlEscape(matches[3]);
} else { } else {
linkedmsg = html_escape(linkedmsg); linkedmsg = this.htmlEscape(linkedmsg);
} }
} }
$b.append($( $b.append($(
@ -212,7 +212,7 @@ PacketMessagePanel.prototype.pushMessage = function(msg) {
'<td>' + timestamp + '</td>' + '<td>' + timestamp + '</td>' +
'<td class="callsign">' + source + '</td>' + '<td class="callsign">' + source + '</td>' +
'<td class="coord">' + link + '</td>' + '<td class="coord">' + link + '</td>' +
'<td class="message">' + (msg.comment || msg.message || '') + '</td>' + '<td class="message">' + this.htmlEscape(msg.comment || msg.message || '') + '</td>' +
'</tr>' '</tr>'
)); ));
$b.scrollTop($b[0].scrollHeight); $b.scrollTop($b[0].scrollHeight);
@ -253,7 +253,7 @@ PocsagMessagePanel.prototype.pushMessage = function(msg) {
$b.append($( $b.append($(
'<tr>' + '<tr>' +
'<td class="address">' + msg.address + '</td>' + '<td class="address">' + msg.address + '</td>' +
'<td class="message">' + msg.message + '</td>' + '<td class="message">' + this.htmlEscape(msg.message) + '</td>' +
'</tr>' '</tr>'
)); ));
$b.scrollTop($b[0].scrollHeight); $b.scrollTop($b[0].scrollHeight);
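Review bot: In the PocsagMessagePanel hunk, `msg.address` is still concatenated into the row markup unescaped while only `msg.message` gets `this.htmlEscape`; unless the address is guaranteed to be numeric before it reaches the client (not visible here), it should go through the same helper: `'<td class="address">' + this.htmlEscape(msg.address) + '</td>' +`. The same question applies to `source` and `link` in the PacketMessagePanel hunk, which are built outside the visible lines and are inserted as raw markup. The new `MessagePanel.prototype.htmlEscape` would also benefit from a comment such as `// escapes &, < and > for element content only; quotes are left as-is, so do not use the result inside attribute values`, because `.text().html()` does not escape quotes. All three `pushMessage` bodies start and end outside their hunks, so the remaining concatenations there could not be checked.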