Hacky workaround to enforce the security of logs

2019-03-17 14:12:51 +13:00 · 2019-03-17 14:12:51 +13:00 · ba05c12b57
commit ba05c12b57
parent b940c7f5fa
2 changed files with 21 additions and 1 deletions
--- a/builtin/game/chatcommands.lua
+++ b/builtin/game/chatcommands.lua
@ -7,7 +7,10 @@
 core.chatcommands = core.registered_chatcommands -- BACKWARDS COMPATIBILITY

 core.register_on_chat_message(function(name, message)
-	if message:sub(1,1) ~= "/" then
+	if message:find("[\r\n]") then
+		core.chat_send_player(name, "You cannot use newlines in chat messages.")
+		return true
+	elseif message:sub(1,1) ~= "/" then
 		return
 	end

--- a/builtin/game/misc.lua
+++ b/builtin/game/misc.lua
@ -268,3 +268,20 @@ end
 function core.cancel_shutdown_requests()
 	core.request_shutdown("", false, -1)
 end
+
+-- Enforce security of logs (if cloaking hasn't already done so)
+core.after(0, function()
+	if core.global_exists("cloaking") and cloaking.hide_player then return end
+
+	local log = core.log
+	function core.log(level, text)
+		level = level:gsub("[\r\n]", " ")
+		if text then
+			text  = text:gsub("[\r\n]", " ")
+		else
+			text  = level
+			level = "none"
+		end
+		return log(level, text)
+	end
+end)