krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-17 22:57:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix username links resulting in truncated chat messages (#11945)

Browse Source 
* introduce MAX_MESSAGE_LENGTH constant

* add test

* fix path

* fix and tests

* fix typo in tests
This commit is contained in:
Matteo Pagliazzi
2020-03-04 11:49:14 +01:00
committed by GitHub
parent 75068ceb9e
commit 2ff9dfe965
9 changed files with 54 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
website/server/controllers/api-v3/chat.js
View File

@@ -2,7 +2,10 @@ import nconf from 'nconf';
import { authWithHeaders } from '../../middlewares/auth';
import { model as Group } from '../../models/group';
import { model as User } from '../../models/user';
import { chatModel as Chat } from '../../models/message';
import {
chatModel as Chat,
sanitizeText as sanitizeMessageText,
} from '../../models/message';
import common from '../../../common';
import {
BadRequest,
@@ -187,7 +190,8 @@ api.postChat = {
throw new NotAuthorized(res.t('messageGroupChatSpam'));
}
const [message, mentions, mentionedMembers] = await highlightMentions(req.body.message);
const sanitizedMessageText = sanitizeMessageText(req.body.message);
const [message, mentions, mentionedMembers] = await highlightMentions(sanitizedMessageText);
let client = req.headers['x-client'] || '3rd Party';
if (client) {
client = client.replace('habitica-', '');

6
website/server/controllers/api-v3/members.js
View File

@@ -21,6 +21,9 @@ import {
import { sendNotification as sendPushNotification } from '../../libs/pushNotifications';
import common from '../../../common';
import { sentMessage } from '../../libs/inbox';
import {
sanitizeText as sanitizeMessageText,
} from '../../models/message';
import { highlightMentions } from '../../libs/highlightMentions';
const { achievements } = common;
@@ -677,7 +680,8 @@ api.sendPrivateMessage = {
if (validationErrors) throw validationErrors;
const sender = res.locals.user;
const message = (await highlightMentions(req.body.message))[0];
const sanitizedMessageText = sanitizeMessageText(req.body.message);
const message = (await highlightMentions(sanitizedMessageText))[0];
const receiver = await User.findById(req.body.toUserId).exec();
if (!receiver) throw new NotFound(res.t('userNotFound'));