diff options
author | Freeyorp <TheFreeYorp@NOSPAM.G.m.a.i.l.replace> | 2013-05-13 13:50:36 +1200 |
---|---|---|
committer | Freeyorp <TheFreeYorp@NOSPAM.G.m.a.i.l.replace> | 2013-05-13 13:50:36 +1200 |
commit | e0c3142731003bf60851a2827757f0f4b7dc759a (patch) | |
tree | 04ae0d86a77c872dcf80489a0a45f155748340d3 /index.js | |
parent | 87c39afe86d077f06b9adce5c0759fb932ad02e3 (diff) | |
download | manavis-e0c3142731003bf60851a2827757f0f4b7dc759a.tar.gz manavis-e0c3142731003bf60851a2827757f0f4b7dc759a.tar.bz2 manavis-e0c3142731003bf60851a2827757f0f4b7dc759a.tar.xz manavis-e0c3142731003bf60851a2827757f0f4b7dc759a.zip |
Validate input in socket callbacks
Diffstat (limited to 'index.js')
-rw-r--r-- | index.js | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -62,6 +62,9 @@ sessionSockets.on('connection', function (err, socket, session) { socket.emit('users', { users: users }); /* Set up various handlers for the new socket. */ socket.on('nick', function (d) { + if (!(typeof(d) == "object" && nick in d)) { + return; + } /* TODO Collision checking? */ users[session.nid].nick = session.nick = d.nick; session.save(); @@ -72,6 +75,9 @@ sessionSockets.on('connection', function (err, socket, session) { }); }); socket.on('filter', function(d) { + if (!(typeof(d) == "object" && filters in d)) { + return; + } users[session.nid].filters = d.filters; logAction("FILTER", d.filters); socket.broadcast.emit('filterset', { |