From: Jan V. K. <jan...@ex...> - 2008-08-13 17:26:23
On 8/13/08, poy <po...@12...> wrote:
> in ADCH++, it's pretty easy to add a new line to the hub name or
> description, simply by adding a new line in the settings file in the
> contents of the "HubName" or "Description" tags.
> this violates the ADC spec ("code point equal to or greater than 32") and
> results in messed up title bar and tab title in DC++.

I think it is OK if it is sent escaped (\n), otherwise it is a weird INF followed with a garbage command (which would also be exploitable by allowing injected commands).

The client implementation needs to filter newlines if it cannot present it "correctly" in the title area or otherwise. The hub is pretty much at liberty to send whatever it likes anyway, and client implementations need to take that into consideration.

On the other hand, when it comes to other parts of INF messages, such as nick names, I think it would be more useful for hub implementations to enforce stricter rules, such as nicks consisting of (only) white space. But that is user generated content, not hub created.

--
Jan Vidar Krey
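
The escaping and client-side filtering discussed in this message, as an added example that is not part of the original message and is not ADCH++ or DC++ code. It assumes the ADC escapes `\s`, `\n` and `\\`, newline-terminated messages and `NI` as the INF name field; the function names are hypothetical and the hub name is a constructed sample.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Sender side: ADC escaping (space -> "\s", newline -> "\n", backslash -> "\\").
std::string adcEscape(const std::string& in) {
    std::string out;
    for (char c : in) {
        if (c == ' ') out += "\\s";
        else if (c == '\n') out += "\\n";
        else if (c == '\\') out += "\\\\";
        else out += c;
    }
    return out;
}

// Receiver side: reverse of adcEscape, applied to one parameter value.
std::string adcUnescape(const std::string& in) {
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        if (in[i] != '\\' || i + 1 == in.size()) { out += in[i]; continue; }
        char n = in[++i];
        out += (n == 's') ? ' ' : (n == 'n') ? '\n' : n;
    }
    return out;
}

// Receiver-side framing: every raw 0x0A byte ends one ADC message.
std::vector<std::string> splitMessages(const std::string& stream) {
    std::vector<std::string> msgs;
    std::size_t start = 0, pos;
    while ((pos = stream.find('\n', start)) != std::string::npos) {
        msgs.push_back(stream.substr(start, pos - start));
        start = pos + 1;
    }
    return msgs;
}

// Client filter for single-line UI (title bar, tab): code points < 32 -> space.
std::string forTitle(std::string v) {
    for (char& c : v) if (static_cast<unsigned char>(c) < 32) c = ' ';
    return v;
}

int main() {
    const std::string name = "My Hub\nsecond line";  // constructed sample setting
    std::cout << splitMessages("IINF NI" + name + "\n").size() << " vs "
              << splitMessages("IINF NI" + adcEscape(name) + "\n").size() << "\n";
    std::cout << forTitle(adcUnescape(adcEscape(name))) << "\n";
}
```

Sent raw, the sample name is framed as two messages, the second being the stray line the client would try to parse as a command; sent escaped, it stays one INF and the client still has to flatten the decoded newline before using it as a title.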