From 21a1fe0de3a317b5487ac6f47541268d2a6f4fbb Mon Sep 17 00:00:00 2001
From: rhailrake <49613070+rhailrake@users.noreply.github.com>
Date: Fri, 28 Apr 2023 10:13:54 +0600
Subject: [PATCH] [fix] No more exploits.

---
 Content.Server/Chat/Managers/ChatSanitizationManager.cs  | 5 +++++
 Content.Server/Chat/Managers/IChatSanitizationManager.cs | 2 ++
 Content.Server/Chat/Systems/ChatSystem.cs                | 3 +++
 3 files changed, 10 insertions(+)

diff --git a/Content.Server/Chat/Managers/ChatSanitizationManager.cs b/Content.Server/Chat/Managers/ChatSanitizationManager.cs
index 4609219b2d..e2a54c13ce 100644
--- a/Content.Server/Chat/Managers/ChatSanitizationManager.cs
+++ b/Content.Server/Chat/Managers/ChatSanitizationManager.cs
@@ -146,5 +146,10 @@ public sealed class ChatSanitizationManager : IChatSanitizationManager
 
         return newMessage;
     }
+
+    public string SanitizeTags(string input)
+    {
+        return FormattedMessage.RemoveMarkup(input);
+    }
     //WD-EDIT
 }
diff --git a/Content.Server/Chat/Managers/IChatSanitizationManager.cs b/Content.Server/Chat/Managers/IChatSanitizationManager.cs
index 28e746be6b..540523f6df 100644
--- a/Content.Server/Chat/Managers/IChatSanitizationManager.cs
+++ b/Content.Server/Chat/Managers/IChatSanitizationManager.cs
@@ -10,5 +10,7 @@ public interface IChatSanitizationManager
 
     //WD-EDIT
     public string SanitizeOutSlang(string input);
+
+    public string SanitizeTags(string input);
     //WD-EDIT
 }
diff --git a/Content.Server/Chat/Systems/ChatSystem.cs b/Content.Server/Chat/Systems/ChatSystem.cs
index 021a426c9f..6e5f3b9efd 100644
--- a/Content.Server/Chat/Systems/ChatSystem.cs
+++ b/Content.Server/Chat/Systems/ChatSystem.cs
@@ -764,6 +764,9 @@ public sealed partial class ChatSystem : SharedChatSystem
     private string SanitizeInGameICMessage(EntityUid source, string message, out string? emoteStr, bool capitalize = true, bool punctuate = false, bool sanitizeSlang = true)
     {
         var newMessage = message.Trim();
+
+        newMessage = _sanitizer.SanitizeTags(newMessage);
+
         if(sanitizeSlang)
             newMessage = _sanitizer.SanitizeOutSlang(newMessage);
         if (capitalize)