More xss fun

jslatts · May 27, 2011 · 5cf9b39 · 5cf9b39
1 parent e8a2fd9
commit 5cf9b39
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/public/main.css b/public/main.css
@@ -2,7 +2,7 @@ html {
   height: 100%;
 }
 body {
-  font: 12px / 1.3 "Lucida Grande", Arial, sans-serif;
+  font: 12px/1.3 "Lucida Grande", Arial, sans-serif;
   margin: 0;
   padding: 0;
   height: 100%;

diff --git a/views/views.js b/views/views.js
@@ -56,7 +56,9 @@ var ChatView = Backbone.View.extend({
     , render: function () {
         var text = replaceURLWithHTMLLinks(this.model.get('text'));
         text = replaceURLWithMarkDown(text);
-        $(this.el).html(this.model.get('niceTime') + ' - ' + this.model.get('user') + ': ' + text);
+        var fullText = this.model.get('niceTime') + ' - ' + this.model.get('user') + ': ' + text;
+        fullText = fullText.replace(/</g, "&lt;").replace(/>/g, "&gt;");
+        $(this.el).html(fullText);
         return this;
     }
     , remove: function () {
@@ -75,6 +77,7 @@ var StatusView = Backbone.View.extend({
         var text, message, time;
 
         text = this.userName;
+        text = text.replace(/</g, "&lt;").replace(/>/g, "&gt;");
         message = this.statusMessage;
         time = this.niceTime;
         $(this.el).html(time + ' - <em>' + text + ' ' + message + '</em>');
@@ -91,7 +94,9 @@ var UserView = Backbone.View.extend({
         this.model.view = this;
     }
     , render: function () {
-        $(this.el).html(this.model.get('name'));
+        var uName = this.model.get('name');
+        uName = uName.replace(/</g, "&lt;").replace(/>/g, "&gt;");
+        $(this.el).html(uName);
         return this;
     }
     , remove: function () {