From c8e0eab34e933ae64178936be5d17fd78b5a9971 Mon Sep 17 00:00:00 2001
From: barisusakli <barisusakli@gmail.com>
Date: Fri, 20 Mar 2015 13:46:05 -0400
Subject: [PATCH] escape data on room enter

---
 src/socket.io/meta.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/socket.io/meta.js b/src/socket.io/meta.js
index c801381a1f..21fdeca35e 100644
--- a/src/socket.io/meta.js
+++ b/src/socket.io/meta.js
@@ -70,6 +70,10 @@ SocketMeta.rooms.enter = function(socket, data, callback) {
 		socket.currentRoom = data.enter;
 		if (data.enter.indexOf('topic') !== -1) {
 			data.uid = socket.uid;
+			data.picture = validator.escape(data.picture);
+			data.username = validator.escape(data.username);
+			data.userslug = validator.escape(data.userslug);
+
 			websockets.in(data.enter).emit('event:user_enter', data);
 		}
 	}