From c449f4ef73af2c05d96eb36d63d71b485a87f51e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=B0=8F=E5=A4=AA?= <nospam@xiaotai.org>
Date: Fri, 13 Sep 2013 22:16:09 +1000
Subject: [PATCH] Make sure to sanatise the tournament type

---
 js/client-tournament.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/client-tournament.js b/js/client-tournament.js
index e895127b8..a9d7e1262 100644
--- a/js/client-tournament.js
+++ b/js/client-tournament.js
@@ -124,7 +124,7 @@
 
 				switch (cmd) {
 					case 'create':
-						this.room.$chat.append("<div class=\"notice tournament-message-create\">A " + BattleFormats[data.shift()].name + " " + data.join('|') + " Tournament has been created.</div>");
+						this.room.$chat.append("<div class=\"notice tournament-message-create\">A " + BattleFormats[data.shift()].name + " " + Tools.escapeHTML(data.join('|')) + " Tournament has been created.</div>");
 						break;
 
 					case 'join':