desloratadyna/fluff
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: desloratadyna:7bc1e8d9286b40a3eac7d06d80d423ac299773477f3b2daa801ae62fe334591d
Branches Tags
desloratadyna:main
...
compare: desloratadyna:490c1cc724ae5c56d789ec09882823fb17ff8c924a74b951077f058af6dff2ac
Branches Tags
desloratadyna:main

2 Commits
7bc1e8d928 ... 490c1cc724

Author SHA256 Message Date
WlodekM
490c1cc724 fix error when accessing from localhost 2026-01-08 13:19:55 +02:00
WlodekM
ef9f6ba9c7 satanize ampersand 2026-01-08 13:18:03 +02:00
1 changed files with 2 additions and 1 deletions
Expand all files Collapse all files

3
index.js
View File

@@ -53,7 +53,7 @@ function verifyToken(token) {
return split[0]; return split[0];
} }
function sanitiseStringHTML(str) { function sanitiseStringHTML(str) {
return str.replaceAll(">", "&gt;").replaceAll("<", "&lt;"); return str.replaceAll("&", "&amp;").replaceAll(">", "&gt;").replaceAll("<", "&lt;");
} }
app.use(express.urlencoded()); app.use(express.urlencoded());
@@ -78,6 +78,7 @@ app.use((req, res, next) => {
const geo = geoip.lookup(req.headers['x-forwarded-for']); const geo = geoip.lookup(req.headers['x-forwarded-for']);
console.log(geo); console.log(geo);
if (geo)
if (geo.country !== "US") if (geo.country !== "US")
if (geo.country !== "UA") if (geo.country !== "UA")
if (geo.country !== "PL") { if (geo.country !== "PL") {