fix mostly-harmless xss

2022-04-27 22:29:16 +02:00 · 2022-04-27 22:29:16 +02:00 · 73fa70b41f
commit 73fa70b41f
parent 2a1cda42e7
1 changed files with 4 additions and 1 deletions
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@ -349,8 +349,11 @@ class HttpCli(object):
        return body

    def loud_reply(self, body, *args, **kwargs):
+        if not kwargs.get("mime"):
+            kwargs["mime"] = "text/plain; charset=utf-8"
+
        self.log(body.rstrip())
-        self.reply(b"<pre>" + body.encode("utf-8") + b"\r\n", *list(args), **kwargs)
+        self.reply(body.encode("utf-8") + b"\r\n", *list(args), **kwargs)

    def urlq(self, add, rm):
        """