Text containing html code gets interpreted as actual html code
Opened this issue ยท 1 comments
Text containing html code gets interpreted as actual html code
To be more specific if someone in game was to type the following in-game..
<iframe src="http://skorrloregaming.x10.bz/re.php?v=1" style="width: 300px; height: 200px;">
It actually shows on the web server in the console, an iframe with the page inside it
This is a huge security risk and performance hog, as like that page, some links can be ip loggers.
@rymate1234 This bug still stands to this day.
I have solved this issue with my web-based irc solution project (HardScene).
Where anything is appended to console, I used this to remove html code from the string.
var replaceValue = /(<([^>]+)>)/ig;
var finalString = stringValue.replace(replaceValue, "");
Note that this is JavaScript code and should be done client-side.