From e4f51eb821347c28b997fae4a48664281b6e7c07 Mon Sep 17 00:00:00 2001
From: Menci <HuangHaoRui301@Gmail.com>
Date: Sun, 16 Apr 2017 20:27:28 +0800
Subject: [PATCH] Fix table tag XSS in user infomation

---
 views/index.ejs    | 2 ++
 views/ranklist.ejs | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/views/index.ejs b/views/index.ejs
index bd1841b..ce26c06 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -43,7 +43,9 @@
                     <td><a href="<%= syzoj.utils.makeUrl(['user', user.id]) %>"><%= user.username %></a><% if (user.nameplate) { %><%- user.nameplate %><% } %></td>
                     <td>
                       <div style="max-height: 70px; overflow: hidden; ">
+                        <table width="100%"><tr style="border: none; "><td style="padding: 0; ">
                         <%- user.information %>
+                        </td></table>
                       </div>
                     </td>
                 </tr>
diff --git a/views/ranklist.ejs b/views/ranklist.ejs
index 33c6c9d..62f2d0b 100644
--- a/views/ranklist.ejs
+++ b/views/ranklist.ejs
@@ -27,7 +27,9 @@
 		        	<td><a href="<%= syzoj.utils.makeUrl(['user', user.id]) %>"><%= user.username %></a><% if (user.nameplate) { %><%- user.nameplate %><% } %></td>
 		        	<td>
                 <div style="max-height: 70px; overflow: hidden; ">
+                  <table width="100%"><tr style="border: none; "><td style="padding: 0; ">
                   <%- user.information %>
+                  </td></tr></table>
                 </div>
               </td>
 		        	<td><%= user.ac_num %></td>