diff --git a/httpserver.cpp b/httpserver.cpp index 23ccc8f..e237f89 100644 --- a/httpserver.cpp +++ b/httpserver.cpp @@ -70,8 +70,6 @@ std::pair HttpServer::splitUserNameAndMessage(const QString &r return result; } - nick = nick.toHtmlEscaped(); - // long nicks if (nick.size() > MAX_NICKNAME_LENGTH_WITHOUT_WBR) { int lastWbr = 0; @@ -727,6 +725,7 @@ void HttpServer::writeMainPage(QTcpSocket *socket, QString &urlPath, bool isHead break; } } + rawMessage.first = rawMessage.first.toHtmlEscaped(); replaceTag(message, "USERNAME", rawMessage.first); replaceTag(message, "MESSAGE_TEXT", rawMessage.second); matchedPathsAndMessages[path].push_back(message); @@ -784,6 +783,7 @@ void HttpServer::writeMainPage(QTcpSocket *socket, QString &urlPath, bool isHead break; } } + rawMessage.first = rawMessage.first.toHtmlEscaped(); replaceTag(message, "USERNAME", rawMessage.first); replaceTag(message, "MESSAGE_TEXT", rawMessage.second); matchedPathsAndMessages[path].push_back(message); @@ -864,6 +864,7 @@ void HttpServer::writeMainPage(QTcpSocket *socket, QString &urlPath, bool isHead break; } } + rawMessage.first = rawMessage.first.toHtmlEscaped(); replaceTag(message, "USERNAME", rawMessage.first); replaceTag(message, "MESSAGE_TEXT", rawMessage.second); matchedPathsAndMessages[path].push_back(message); @@ -1035,12 +1036,13 @@ void HttpServer::writeMainPage(QTcpSocket *socket, QString &urlPath, bool isHead QString message = HTML_PAYLOAD_LIST_CHAT_MESSAGE; for (const auto &user: m_onlineUsers[originalServerName][originalChannelName]) { - if (QRegularExpression("^.?"+rawMessage.first+"$").match(user).hasMatch()) { + if (QRegularExpression("^(@|\\&|\\+|~)?"+rawMessage.first+"$").match(user).hasMatch()) { message.replace("
", "
"); break; } } + rawMessage.first = rawMessage.first.toHtmlEscaped(); replaceTag(message, "USERNAME", rawMessage.first); replaceTag(message, "MESSAGE_TEXT", rawMessage.second); payloadBlock += message;