Upstream/dynmap
1
0
Fork 0
mirror of https://github.com/webbukkit/dynmap.git synced 2024-11-28 05:05:16 +01:00
Code Issues Projects Releases Wiki Activity

Make sanizing consistent between initial and updates, add <center>

Browse Source
This commit is contained in:
Mike Primm 2022-02-04 23:50:49 -06:00
parent bdfa148bfb
commit e70f2845e8
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
DynmapCore/src/main/java/org/dynmap/Client.java
View File

@ -286,11 +286,12 @@ public class Client {
} }
private static PolicyFactory sanitizer = null; private static PolicyFactory sanitizer = null;
private static PolicyFactory OLDTAGS = new HtmlPolicyBuilder().allowElements("center", "basefont").toFactory();
public static String sanitizeHTML(String html) { public static String sanitizeHTML(String html) {
PolicyFactory s = sanitizer; PolicyFactory s = sanitizer;
if (s == null) { if (s == null) {
// Generous but safe html formatting allowances // Generous but safe html formatting allowances
s = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS).and(Sanitizers.IMAGES).and(Sanitizers.LINKS).and(Sanitizers.STYLES); s = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS).and(Sanitizers.IMAGES).and(Sanitizers.LINKS).and(Sanitizers.STYLES).and(OLDTAGS);
sanitizer = s; sanitizer = s;
} }
return s.sanitize(html); return s.sanitize(html);

16
DynmapCore/src/main/java/org/dynmap/markers/impl/MarkerAPIImpl.java
View File

@ -3328,10 +3328,10 @@ public class MarkerAPIImpl implements MarkerAPI, Event.Listener<DynmapWorld> {
mi = MarkerAPIImpl.getMarkerIconImpl(MarkerIcon.DEFAULT); mi = MarkerAPIImpl.getMarkerIconImpl(MarkerIcon.DEFAULT);
mdata.put("icon", mi.getMarkerIconID()); mdata.put("icon", mi.getMarkerIconID());
mdata.put("dim", mi.getMarkerIconSize().getSize()); mdata.put("dim", mi.getMarkerIconSize().getSize());
mdata.put("label", m.getLabel()); mdata.put("label", Client.sanitizeHTML(m.getLabel()));
mdata.put("markup", m.isLabelMarkup()); mdata.put("markup", m.isLabelMarkup());
if(m.getDescription() != null) if(m.getDescription() != null)
mdata.put("desc", m.getDescription()); mdata.put("desc", Client.sanitizeHTML(m.getDescription()));
if (m.getMinZoom() >= 0) { if (m.getMinZoom() >= 0) {
mdata.put("minzoom", m.getMinZoom()); mdata.put("minzoom", m.getMinZoom());
} }
@ -3364,10 +3364,10 @@ public class MarkerAPIImpl implements MarkerAPI, Event.Listener<DynmapWorld> {
mdata.put("opacity", m.getLineOpacity()); mdata.put("opacity", m.getLineOpacity());
mdata.put("fillopacity", m.getFillOpacity()); mdata.put("fillopacity", m.getFillOpacity());
mdata.put("weight", m.getLineWeight()); mdata.put("weight", m.getLineWeight());
mdata.put("label", m.getLabel()); mdata.put("label", Client.sanitizeHTML(m.getLabel()));
mdata.put("markup", m.isLabelMarkup()); mdata.put("markup", m.isLabelMarkup());
if(m.getDescription() != null) if(m.getDescription() != null)
mdata.put("desc", m.getDescription()); mdata.put("desc", Client.sanitizeHTML(m.getDescription()));
if (m.getMinZoom() >= 0) { if (m.getMinZoom() >= 0) {
mdata.put("minzoom", m.getMinZoom()); mdata.put("minzoom", m.getMinZoom());
} }
@ -3399,10 +3399,10 @@ public class MarkerAPIImpl implements MarkerAPI, Event.Listener<DynmapWorld> {
mdata.put("color", String.format("#%06X", m.getLineColor())); mdata.put("color", String.format("#%06X", m.getLineColor()));
mdata.put("opacity", m.getLineOpacity()); mdata.put("opacity", m.getLineOpacity());
mdata.put("weight", m.getLineWeight()); mdata.put("weight", m.getLineWeight());
mdata.put("label", m.getLabel()); mdata.put("label", Client.sanitizeHTML(m.getLabel()));
mdata.put("markup", m.isLabelMarkup()); mdata.put("markup", m.isLabelMarkup());
if(m.getDescription() != null) if(m.getDescription() != null)
mdata.put("desc", m.getDescription()); mdata.put("desc", Client.sanitizeHTML(m.getDescription()));
if (m.getMinZoom() >= 0) { if (m.getMinZoom() >= 0) {
mdata.put("minzoom", m.getMinZoom()); mdata.put("minzoom", m.getMinZoom());
} }
@ -3429,10 +3429,10 @@ public class MarkerAPIImpl implements MarkerAPI, Event.Listener<DynmapWorld> {
mdata.put("opacity", m.getLineOpacity()); mdata.put("opacity", m.getLineOpacity());
mdata.put("fillopacity", m.getFillOpacity()); mdata.put("fillopacity", m.getFillOpacity());
mdata.put("weight", m.getLineWeight()); mdata.put("weight", m.getLineWeight());
mdata.put("label", m.getLabel()); mdata.put("label", Client.sanitizeHTML(m.getLabel()));
mdata.put("markup", m.isLabelMarkup()); mdata.put("markup", m.isLabelMarkup());
if(m.getDescription() != null) if(m.getDescription() != null)
mdata.put("desc", m.getDescription()); mdata.put("desc", Client.sanitizeHTML(m.getDescription()));
if (m.getMinZoom() >= 0) { if (m.getMinZoom() >= 0) {
mdata.put("minzoom", m.getMinZoom()); mdata.put("minzoom", m.getMinZoom());
} }