+ </script> tag in username no longer breaks the page

Dominik Maier 2014-05-20 00:13:09 +02:00
parent 035cb7d3f7
commit 2d03c3f78c


@ -91,8 +91,8 @@ setupFallbackRouteToIndex = (app) ->
sendMain = (req, res) ->
fs.readFile path.join(__dirname, 'public', 'main.html'), 'utf8', (err, data) ->
log.error "Error modifying main.html: #{err}" if err
# insert the user object directly into the html so the application can have it immediately
data = data.replace('"userObjectTag"', JSON.stringify(UserHandler.formatEntity(req, req.user)))
# insert the user object directly into the html so the application can have it immediately. Sanitize </script>
data = data.replace('"userObjectTag"', JSON.stringify(UserHandler.formatEntity(req, req.user)).replace('/', '\\/'))
res.send data
setupFacebookCrossDomainCommunicationRoute = (app) ->
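Review bot: The added `.replace('/', '\\/')` on the line that fills `"userObjectTag"` takes a string pattern, so it escapes only the first `/` in the serialized user object. If any earlier field contains a slash (a URL, for example), a `</script>` later in the JSON is left intact and still terminates the inline script block. Use a global pattern, and preferably escape the opening bracket so `<!--` and `<script` are covered too: `.replace(/</g, '\\u003c')`. The outer `data.replace` also receives user-controlled text as its replacement string, where `$`-patterns such as `$&` are expanded, so passing a function (`data.replace '"userObjectTag"', -> userJson`) would be safer. The enclosing `setupFallbackRouteToIndex` starts above the hunk, so how `sendMain` is wired to routes is not visible here.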