This commit revises the chat history feature to work like my
terminal emulator. Specifically, when reviewing the history
with up/key, changes to the lines are now saved. This makes
the feature significantly more useful and also prevents
annoyance if the user presses up when typing a line, because
the user can now just press down to get the line back (and vice
versa), as opposed to the line being gone.
This commit implements a feature commonly found in IRC clients,
wherein the user can press the up key to recall previously sent
messages (and can press the down key to cycle back the other
direction in the history).
This commit is similar to pull request #11, except that this
implementation works properly.
- check timestamp in index.php rather than sim.js to reduce the chance
of false positives caused by the user's internet connection being
slow or the user's clock being slightly wrong
- require timestamp logging to be a POST request
This avoids an attack where a malicious webpage contains
<script id="data" type="application/json"
src="http://play.pokemonshowdown.com/~~showdown/action.php?act=upkeep"/>
The webpage could then read the value of the `data` element using
standard DOM methods in order to steal the user's login assertion
and login as the user on the `showdown` server.
Improve timestamps so they can be configured separatedly for
PMs and lobby chat.
Cathy J. Fitzpatrick <cathy@cathyjf.com> revised this commit to
fix a number of bugs.
This commit implements the following:
- each server now has a separate session with a 'sid' cookie
scoped to /~~server:port
- 'sid' cookies are now HTTP-only and not accessible in JavaScript
- the showdown_token cookie is removed
Together, these changes fix various XSS attacks.
Firefox renders the height of a <textarea> based on the `rows`
attribute, which was not previously specified, causing the <textarea>
in the teambuilder to be very short. This commit specifies a
(somewhat arbitrary) `rows` attribute so that the <textarea> has
some more height.
Added highlighting words:
Users may now use the new highlight commands:
-Use /highlight add, word to add a highlighting word.
You might add several words separated with commands.
-In a likewise fashion, /highlight delete, word deletes words.
-Using /highlight delete with no words will delete all.
-/highlight show or list will show all current highlight words.
-By default no word is added to highlights.
-Words are escaped
- battle logs no longer have timestamps
- getTimestamp is moved to a property of the Lobby function
- the prefs global variable is replaced by a prefs API
In order to preserve the previous status quo for now, this
commit turns timestamps off by default. They can be turned on
using /timestamps minutes or /timestamps seconds.
The past log sent from the server when joining a room does not
contain information about when the messages were sent, so we
do not show a timestamp for those messages.
This commit implements timestamp functionality in the lobby chat,
in private messages, and in battle chats. Timestamps are controlled
by a /timestamps command, which has three legal invocations:
/timestamps off
turns off timestamps
/timestamps minutes
show timestamps of the form [hh:mm]
/timestamps seconds
show timestamps of the form [hh:mm:ss]
For now, the default setting is /timestamps minutes. If this proves
unpopular, it can be changed. The timestamp preference is stored in
localStorage and does not have to be set every time.
