From 5dfe268a6dd39f3578ebebbde177589a89f028c2 Mon Sep 17 00:00:00 2001 From: sD Date: Sat, 21 Dec 2019 15:15:13 +0100 Subject: forgot these lol --- webAO/client.html | 2 ++ 1 file changed, 2 insertions(+) diff --git a/webAO/client.html b/webAO/client.html index 64ddcc1..3be0adf 100644 --- a/webAO/client.html +++ b/webAO/client.html @@ -226,6 +226,8 @@ + +

-- cgit From 274b4bf10b4451336f739a2bedc8b9f503a9e00c Mon Sep 17 00:00:00 2001 From: sD Date: Sat, 21 Dec 2019 19:38:40 +0100 Subject: replace escape with something that only deals with html --- webAO/client.js | 42 +++++++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 19 deletions(-) diff --git a/webAO/client.js b/webAO/client.js index ed28819..dede895 100644 --- a/webAO/client.js +++ b/webAO/client.js @@ -55,6 +55,10 @@ console.info(`Your emulated HDID is ${hdid}`); let lastICMessageTime = new Date(0); +function safe_tags(str) { + return str.replace(/&/g,'&').replace(//g,'>') ; +} + class Client extends EventEmitter { constructor(address) { super(); @@ -428,14 +432,14 @@ class Client extends EventEmitter { } const chatmsg = { - preanim: escape(args[2]).toLowerCase(), // get preanim + preanim: safe_tags(args[2]).toLowerCase(), // get preanim nameplate: msg_nameplate, // TODO: there's a new feature that let's people choose the name that's displayed name: args[3].toLowerCase(), - speaking: "(b)" + escape(args[4]).toLowerCase(), - silent: "(a)" + escape(args[4]).toLowerCase(), + speaking: "(b)" + safe_tags(args[4]).toLowerCase(), + silent: "(a)" + safe_tags(args[4]).toLowerCase(), content: this.prepChat(args[5]), // Escape HTML tags side: args[6].toLowerCase(), - sound: escape(args[7]).toLowerCase(), + sound: safe_tags(args[7]).toLowerCase(), blips: msg_blips, type: args[8], charid: args[9], @@ -510,14 +514,14 @@ class Client extends EventEmitter { */ async handleCharacterInfo(chargs, charid) { let cini = {}; - let icon = AO_HOST + "characters/" + escape(chargs[0]).toLowerCase() + "/char_icon.png"; + let icon = AO_HOST + "characters/" + safe_tags(chargs[0]).toLowerCase() + "/char_icon.png"; let img = document.getElementById(`demo_${charid}`); img.alt = chargs[0]; img.src = icon; // seems like a good time to load the icon // If the ini doesn't exist on the server this will throw an error try { - const cinidata = await request(AO_HOST + "characters/" + escape(chargs[0]).toLowerCase() + "/char.ini"); + const cinidata = await request(AO_HOST + "characters/" + safe_tags(chargs[0]).toLowerCase() + "/char.ini"); cini = INI.parse(cinidata); } catch(err) { cini = {}; @@ -535,10 +539,10 @@ class Client extends EventEmitter { cini.options = Object.assign(default_options, cini.options); this.chars[charid] = { - name: escape(chargs[0]), - showname: escape(cini.options.showname), - desc: escape(chargs[1]), - gender: escape(cini.options.gender).toLowerCase(), + name: safe_tags(chargs[0]), + showname: safe_tags(cini.options.showname), + desc: safe_tags(chargs[1]), + gender: safe_tags(cini.options.gender).toLowerCase(), evidence: chargs[3], icon: icon, inifile: cini @@ -607,8 +611,8 @@ class Client extends EventEmitter { this.evidences[i - 1] = { name: decodeChat(unescapeChat(arg[0])), desc: decodeChat(unescapeChat(arg[1])), - filename: escape(arg[2]), - icon: AO_HOST + "evidence/" + escape(arg[2].toLowerCase()) + filename: safe_tags(arg[2]), + icon: AO_HOST + "evidence/" + safe_tags(arg[2].toLowerCase()) }; } @@ -703,7 +707,7 @@ class Client extends EventEmitter { */ handleKK(args) { document.getElementById("client_loading").style.display = "flex"; - document.getElementById("client_loadingtext").innerHTML = "Kicked: " + escape(args[1]); + document.getElementById("client_loadingtext").innerHTML = "Kicked: " + safe_tags(args[1]); } /** @@ -713,7 +717,7 @@ class Client extends EventEmitter { */ handleKB(args) { document.getElementById("client_loading").style.display = "flex"; - document.getElementById("client_loadingtext").innerHTML = "You got banned: " + escape(args[1]); + document.getElementById("client_loadingtext").innerHTML = "You got banned: " + safe_tags(args[1]); } /** @@ -723,7 +727,7 @@ class Client extends EventEmitter { */ handleBD(args) { document.getElementById("client_loading").style.display = "flex"; - document.getElementById("client_loadingtext").innerHTML = "Banned: " + escape(args[1]); + document.getElementById("client_loadingtext").innerHTML = "Banned: " + safe_tags(args[1]); } /** @@ -746,14 +750,14 @@ class Client extends EventEmitter { * @param {Array} args packet arguments */ handleBN(args) { - viewport.bgname = escape(args[1]); - const bg_index = getIndexFromSelect("bg_select", escape(args[1])); + viewport.bgname = safe_tags(args[1]); + const bg_index = getIndexFromSelect("bg_select", safe_tags(args[1])); document.getElementById("bg_select").selectedIndex = bg_index; updateBackgroundPreview(); if (bg_index === 0) { document.getElementById("bg_filename").value = args[1]; } - document.getElementById("bg_preview").src = AO_HOST + "background/" + escape(args[1].toLowerCase()) + "/defenseempty.png"; + document.getElementById("bg_preview").src = AO_HOST + "background/" + safe_tags(args[1].toLowerCase()) + "/defenseempty.png"; if (this.charID === -1) { changeBackground("jud"); } else { @@ -1325,7 +1329,7 @@ class Viewport { this.sfxaudio.pause(); this.sfxplayed = 1; if (this.chatmsg.sound !== "0" && this.chatmsg.sound !== "1") { - this.sfxaudio.src = AO_HOST + "sounds/general/" + escape(this.chatmsg.sound.toLowerCase()) + ".wav"; + this.sfxaudio.src = AO_HOST + "sounds/general/" + safe_tags(this.chatmsg.sound.toLowerCase()) + ".wav"; this.sfxaudio.play(); } } -- cgit From 9a63bf98269003da016b62a40a12ba99ef893e19 Mon Sep 17 00:00:00 2001 From: sD Date: Sat, 21 Dec 2019 19:52:54 +0100 Subject: url encode all url parts --- webAO/client.js | 43 ++++++++++++++++++++++--------------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/webAO/client.js b/webAO/client.js index dede895..528abf5 100644 --- a/webAO/client.js +++ b/webAO/client.js @@ -56,7 +56,8 @@ console.info(`Your emulated HDID is ${hdid}`); let lastICMessageTime = new Date(0); function safe_tags(str) { - return str.replace(/&/g,'&').replace(//g,'>') ; + if (str) + return str.replace(/&/g,'&').replace(//g,'>') ; } class Client extends EventEmitter { @@ -514,14 +515,14 @@ class Client extends EventEmitter { */ async handleCharacterInfo(chargs, charid) { let cini = {}; - let icon = AO_HOST + "characters/" + safe_tags(chargs[0]).toLowerCase() + "/char_icon.png"; + let icon = AO_HOST + "characters/" + encodeURI(chargs[0].toLowerCase()) + "/char_icon.png"; let img = document.getElementById(`demo_${charid}`); img.alt = chargs[0]; img.src = icon; // seems like a good time to load the icon // If the ini doesn't exist on the server this will throw an error try { - const cinidata = await request(AO_HOST + "characters/" + safe_tags(chargs[0]).toLowerCase() + "/char.ini"); + const cinidata = await request(AO_HOST + "characters/" + encodeURI(chargs[0].toLowerCase()) + "/char.ini"); cini = INI.parse(cinidata); } catch(err) { cini = {}; @@ -612,7 +613,7 @@ class Client extends EventEmitter { name: decodeChat(unescapeChat(arg[0])), desc: decodeChat(unescapeChat(arg[1])), filename: safe_tags(arg[2]), - icon: AO_HOST + "evidence/" + safe_tags(arg[2].toLowerCase()) + icon: AO_HOST + "evidence/" + encodeURI(arg[2].toLowerCase()) }; } @@ -757,7 +758,7 @@ class Client extends EventEmitter { if (bg_index === 0) { document.getElementById("bg_filename").value = args[1]; } - document.getElementById("bg_preview").src = AO_HOST + "background/" + safe_tags(args[1].toLowerCase()) + "/defenseempty.png"; + document.getElementById("bg_preview").src = AO_HOST + "background/" + encodeURI(args[1].toLowerCase()) + "/defenseempty.png"; if (this.charID === -1) { changeBackground("jud"); } else { @@ -939,8 +940,8 @@ class Client extends EventEmitter { zoom: emoteinfo[3], sfx: esfx.toLowerCase(), sfxdelay: esfxd, - button_off: AO_HOST + `characters/${me.name.toLowerCase()}/emotions/button${i}_off.png`, - button_on: AO_HOST + `characters/${me.name.toLowerCase()}/emotions/button${i}_on.png` + button_off: AO_HOST + `characters/${encodeURI(me.name.toLowerCase())}/emotions/button${i}_off.png`, + button_on: AO_HOST + `characters/${encodeURI(me.name.toLowerCase())}/emotions/button${i}_on.png` }; emotesList.innerHTML += ` channel.src = AO_HOST + `sounds/general/sfx-blip${chatmsg.blips}.wav`); + this.blipChannels.forEach(channel => channel.src = `${AO_HOST}sounds/general/sfx-blip${encodeURI(chatmsg.blips.toLowerCase())}.wav`); this.textnow = ""; this.sfxplayed = 0; this.textTimer = 0; @@ -1037,7 +1038,7 @@ class Viewport { clearTimeout(this.updater); // If preanim existed then determine the length if (chatmsg.preanim !== "-") { - const delay = await this.getAnimLength(`${AO_HOST}characters/${chatmsg.name.toLowerCase()}/${chatmsg.preanim}.gif`); + const delay = await this.getAnimLength(`${AO_HOST}characters/${encodeURI(chatmsg.name.toLowerCase())}/${encodeURI(chatmsg.preanim)}.gif`); chatmsg.preanimdelay = delay; this.initUpdater(delay); } else { @@ -1199,7 +1200,7 @@ class Viewport { const shout = shouts[this.chatmsg.objection]; if (shout) { shoutSprite.src = client.resources[shout]["src"]; - this.shoutaudio.src=`${AO_HOST}characters/${this.chatmsg.name.toLowerCase()}/${shout}.wav`; + this.shoutaudio.src=`${AO_HOST}characters/${encodeURI(this.chatmsg.name.toLowerCase())}/${shout}.wav`; this.shoutaudio.play(); this.shoutTimer = 850; } else { @@ -1236,7 +1237,7 @@ class Viewport { shoutSprite.src = "misc/placeholder.gif"; const charName = this.chatmsg.name.toLowerCase(); const preanim = this.chatmsg.preanim.toLowerCase(); - charSprite.src = `${AO_HOST}characters/${charName}/${preanim}.gif`; + charSprite.src = `${AO_HOST}characters/${encodeURI(charName)}/${encodeURI(preanim)}.gif`; } this.chatmsg.startpreanim = false; @@ -1294,10 +1295,10 @@ class Viewport { changeBackground(this.chatmsg.side); } - charSprite.src = AO_HOST + "characters/" + this.chatmsg.name.toLowerCase() + "/" + this.chatmsg.speaking.toLowerCase() + ".gif"; + charSprite.src = AO_HOST + "characters/" + encodeURI(this.chatmsg.name.toLowerCase()) + "/" + encodeURI(this.chatmsg.speaking.toLowerCase()) + ".gif"; if (this.textnow === this.chatmsg.content) { - charSprite.src = AO_HOST + "characters/" + this.chatmsg.name.toLowerCase() + "/" + this.chatmsg.silent.toLowerCase() + ".gif"; + charSprite.src = AO_HOST + "characters/" + encodeURI(this.chatmsg.name.toLowerCase()) + "/" + encodeURI(this.chatmsg.silent.toLowerCase()) + ".gif"; this._animating = false; clearTimeout(this.updater); } @@ -1318,7 +1319,7 @@ class Viewport { if (this.textnow === this.chatmsg.content) { this.textTimer = 0; this._animating = false; - charSprite.src = AO_HOST + "characters/" + this.chatmsg.name.toLowerCase() + "/" + this.chatmsg.silent.toLowerCase() + ".gif"; + charSprite.src = AO_HOST + "characters/" + encodeURI(this.chatmsg.name.toLowerCase()) + "/" + encodeURI(this.chatmsg.silent.toLowerCase()) + ".gif"; clearTimeout(this.updater); } } @@ -1329,7 +1330,7 @@ class Viewport { this.sfxaudio.pause(); this.sfxplayed = 1; if (this.chatmsg.sound !== "0" && this.chatmsg.sound !== "1") { - this.sfxaudio.src = AO_HOST + "sounds/general/" + safe_tags(this.chatmsg.sound.toLowerCase()) + ".wav"; + this.sfxaudio.src = AO_HOST + "sounds/general/" + encodeURI(this.chatmsg.sound.toLowerCase()) + ".wav"; this.sfxaudio.play(); } } @@ -1691,7 +1692,7 @@ async function changeBackground(position) { document.getElementById("client_fg").style.display = "none"; if (viewport.chatmsg.type === 5) { - document.getElementById("client_court").src = `${AO_HOST}themes/default/${speedLines}`; + document.getElementById("client_court").src = `${AO_HOST}themes/default/${encodeURI(speedLines)}`; } else { document.getElementById("client_court").src = bgfolder + bg; if (desk) { @@ -1933,10 +1934,10 @@ export function updateEvidenceIcon() { if (evidence_select.selectedIndex === 0) { evidence_filename.style.display = "initial"; - evidence_iconbox.style.backgroundImage = `url(${AO_HOST}evidence/${evidence_filename.value.toLowerCase()})`; + evidence_iconbox.style.backgroundImage = `url(${AO_HOST}evidence/${encodeURI(evidence_filename.value.toLowerCase())})`; } else { evidence_filename.style.display = "none"; - evidence_iconbox.style.backgroundImage = `url(${AO_HOST}evidence/${evidence_select.value.toLowerCase()})`; + evidence_iconbox.style.backgroundImage = `url(${AO_HOST}evidence/${encodeURI(evidence_select.value.toLowerCase())})`; } } window.updateEvidenceIcon = updateEvidenceIcon; @@ -2067,10 +2068,10 @@ export function updateBackgroundPreview() { if (background_select.selectedIndex === 0) { background_filename.style.display = "initial"; - background_preview.src = AO_HOST + "background/" + background_filename.value.toLowerCase() + "/defenseempty.png"; + background_preview.src = AO_HOST + "background/" + encodeURI(background_filename.value.toLowerCase()) + "/defenseempty.png"; } else { background_filename.style.display = "none"; - background_preview.src = AO_HOST + "background/" + background_select.value.toLowerCase() + "/defenseempty.png"; + background_preview.src = AO_HOST + "background/" + encodeURI(background_select.value.toLowerCase()) + "/defenseempty.png"; } } window.updateBackgroundPreview = updateBackgroundPreview; -- cgit From 853dd1acad0265ca0d425e12530dce9c598b1c07 Mon Sep 17 00:00:00 2001 From: sD Date: Sat, 21 Dec 2019 20:02:34 +0100 Subject: fix speedlines the magic of js typing --- webAO/client.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webAO/client.js b/webAO/client.js index 528abf5..c4bac6f 100644 --- a/webAO/client.js +++ b/webAO/client.js @@ -1691,8 +1691,9 @@ async function changeBackground(position) { const { bg, desk, speedLines } = positions[position]; document.getElementById("client_fg").style.display = "none"; - if (viewport.chatmsg.type === 5) { + if (viewport.chatmsg.type === "5") { document.getElementById("client_court").src = `${AO_HOST}themes/default/${encodeURI(speedLines)}`; + document.getElementById("client_bench").style.display = "none"; } else { document.getElementById("client_court").src = bgfolder + bg; if (desk) { -- cgit