From 81b8b78df026a62067548b9b36b198799cbe5385 Mon Sep 17 00:00:00 2001
From: cypherbits
Date: Sun, 3 May 2020 11:13:52 +0200
Subject: [PATCH 1/2] Fix XSS in session variables.

---
 chat.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/chat.php b/chat.php
index 172d838..1aba849 100644
--- a/chat.php
+++ b/chat.php
@@ -45,6 +45,7 @@ load_config();
 if(!isset($_REQUEST['session']) && isset($_COOKIE[COOKIENAME])){
 $_REQUEST['session']=$_COOKIE[COOKIENAME];
 }
+$_REQUEST['session'] = preg_replace('/[^0-9a-zA-Z]/', '', $_REQUEST['session']);
 load_lang();
 check_db();
 cron();

From 0f97ddd5738ed7c485a8c1e5abe2b30bd6724022 Mon Sep 17 00:00:00 2001
From: cypherbits
Date: Sun, 3 May 2020 15:08:30 +0200
Subject: [PATCH 2/2] Fix Content-Security-Policy header.

---
 chat.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chat.php b/chat.php
index 172d838..4db7bb3 100644
--- a/chat.php
+++ b/chat.php
@@ -3285,7 +3285,7 @@ function send_headers(){
 header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0');
 header('Expires: 0');
 header('Referrer-Policy: no-referrer');
- header('Content-Security-Policy: referrer never');
+ header("Content-Security-Policy: default-src 'self'; img-src *; media-src *; script-src 'self'; style-src *");
 header('X-Content-Type-Options: nosniff');
 header('X-Frame-Options: sameorigin');
 header('X-XSS-Protection: 1; mode=block');
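Review bot: The added `preg_replace()` line runs even when neither the request nor the cookie supplied a session, so on a first visit the subject is null (a deprecation on PHP 8.1+) and the missing value becomes a set-but-empty `''`, which any later `isset($_REQUEST['session'])` check will now treat as present. Stripping characters also silently rewrites a tampered id instead of rejecting it, which hides what was actually sent and, depending on how session ids are generated elsewhere in chat.php, could mangle a legitimate id that ever contains another character. Validate instead of rewrite: `if (isset($_REQUEST['session']) && !preg_match('/^[0-9a-zA-Z]+$/', $_REQUEST['session'])) {` `    unset($_REQUEST['session']);` `}`. This is worthwhile defence in depth, but the actual fix for an XSS is escaping the value with `htmlspecialchars()` at the point it is echoed into HTML, and that output site is outside this hunk.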
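Review bot: The new policy on the replaced `header(...)` line leaves `base-uri` and `frame-ancestors` unset, and neither falls back to `default-src`: without `base-uri 'self'` an injected `<base>` tag can redirect the page's relative script URLs despite `script-src 'self'`, and `frame-ancestors` is what current browsers honour in place of the `X-Frame-Options` header set two lines below. Consider `header("Content-Security-Policy: default-src 'self'; img-src *; media-src *; script-src 'self'; style-src *; object-src 'none'; base-uri 'self'; frame-ancestors 'self'");`. Note that `style-src *` permits any external stylesheet yet still blocks inline `style=` attributes and `<style>` blocks, and `script-src 'self'` blocks inline scripts and `on*` handlers, so if chat.php emits either (not visible from this hunk) they will stop working; trialling the same value as `Content-Security-Policy-Report-Only` first would surface that. The old `referrer never` was a draft directive that shipping browsers ignore, so the `Referrer-Policy: no-referrer` header above is what actually governs referrers. send_headers() continues outside the hunk.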