diff --git a/src/server.cpp b/src/server.cpp
index 99c7ab5c48..6e95d1535f 100644
--- a/src/server.cpp
+++ b/src/server.cpp
@@ -426,6 +426,20 @@ CServer::CServer ( const int iNewMaxNumChan,
 QThreadPool::globalInstance()->setMaxThreadCount ( QThread::idealThreadCount() * 4 );
 }
+ // initialize chat html sanitization patterns:
+ static QList qlPermittedChatTagNames = {
+ "b",
+ "i",
+ "p",
+ "pre",
+ "u",
+ };
+ foreach ( auto tag, qlPermittedChatTagNames )
+ {
+ QRegExp pattern = QRegExp ( "<(" + tag + ")>([^<>]+)</" + tag + ">" );
+ pattern.setMinimal ( true ); // non-greedy matching
+ qlPermittedChatTagPatterns << pattern;
+ }
 // Connections -------------------------------------------------------------
 // connect timer timeout signal
@@ -1475,11 +1489,19 @@ void CServer::CreateAndSendChatTextForAllConChannels ( const int iCurChanID
 // use different colors
 QString sCurColor = vstrChatColors[iCurChanID % vstrChatColors.Size()];
+ // escape all html tags, but selectively allow safe tags again:
+ QString strChatTextFiltered = strChatText.toHtmlEscaped();
+ foreach ( auto pattern, qlPermittedChatTagPatterns )
+ {
+ strChatTextFiltered = strChatTextFiltered.replace ( pattern, "<\\1>\\2" );
+ }
+ strChatTextFiltered = strChatTextFiltered.replace ( "<br>", "
" );
+
 const QString strActualMessageText = "(" + QTime::currentTime().toString ( "hh:mm:ss AP" ) + ") " + ChanName.toHtmlEscaped() +
- " " + strChatText.toHtmlEscaped();
+ " " + strChatTextFiltered;
 // Send chat text to all connected clients ---------------------------------
diff --git a/src/server.h b/src/server.h
index 0bc8ecc57e..49879dece5 100644
--- a/src/server.h
+++ b/src/server.h
@@ -415,6 +415,8 @@ class CServer :
 CSignalHandler* pSignalHandler;
+ QList qlPermittedChatTagPatterns;
+
 signals:
 void Started();
 void Stopped();
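Review bot: Allowing `p`, `pre` and the `br` replacement in the second server.cpp hunk lets any connected client start a new visual line inside a message that is sent to all connected clients, so the text after the break can imitate the `(hh:mm:ss AP) name` prefix of another participant; the inline tags `b`, `i` and `u` do not have that effect. Consider dropping the block-level entries from `qlPermittedChatTagNames` (first hunk) together with the `br` replacement, or record the accepted risk next to the list with a comment such as `// NOTE: block-level tags let a sender break lines; receivers cannot tell a forged prefix from a real one`. Escaping first and re-allowing a fixed list afterwards is the right order, but as rendered on this page the patterns match literal `<`/`>`, which cannot occur after `toHtmlEscaped()`, so the page has probably decoded entities and the exact expressions should be checked against the repository. A unit test that feeds nested, unbalanced and attribute-carrying tags through the filter would pin what the allowlist actually lets through. The body of CreateAndSendChatTextForAllConChannels continues outside the hunk.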