deblan-mirror/thelounge
deblan-mirror/thelounge
1
0
Fork 0
mirror of https://github.com/thelounge/thelounge.git synced 2024-06-18 13:35:10 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #3715 from thelounge/xpaw/nick-pattern

Browse source 
Disallow some invalid characters in nicknames and usernames
This commit is contained in:
Pavel Djundik 2020-01-22 10:28:51 +02:00 committed by GitHub
parent 8b04979eac 1a7135c5e0
commit 5b68fb5054
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
client/components/NetworkForm.vue
View file

@ -90,6 +90,7 @@
id="connect:nick"
class="input nick"
name="nick"
pattern="[^\s:!@]+"
:value="defaults.nick"
maxlength="100"
required
@ -104,8 +105,9 @@
ref="usernameInput"
class="input username"
name="username"
pattern="[^\s:!@]+"
:value="defaults.username"
maxlength="512"
maxlength="100"
/>
</div>
</template>
@ -118,7 +120,7 @@
class="input"
:type="slotProps.isVisible ? 'text' : 'password'"
name="password"
maxlength="512"
maxlength="300"
/>
</RevealPassword>
</div>
@ -129,7 +131,7 @@
class="input"
name="realname"
:value="defaults.realname"
maxlength="512"
maxlength="300"
/>
</div>
<template v-if="defaults.uuid">

26
src/models/network.js
View file

@ -62,26 +62,24 @@ function Network(attr) {
}
Network.prototype.validate = function(client) {
// If entered nick is over 100 characters, limit it so we don't try to compile a big regex
if (this.nick && this.nick.length > 100) {
this.nick = this.nick.substring(0, 100);
}
// Remove !, :, @ and whitespace characters from nicknames and usernames
const cleanNick = (str) => str.replace(/[\x00\s:!@]/g, "_").substring(0, 100);
this.setNick(String(this.nick || Helper.getDefaultNick()).replace(/\s/g, "_"));
// Remove new lines and limit length
const cleanString = (str) => str.replace(/[\x00\r\n]/g, "").substring(0, 300);
this.setNick(cleanNick(String(this.nick || Helper.getDefaultNick())));
if (!this.username) {
// If username is empty, make one from the provided nick
this.username = this.nick.replace(/[^a-zA-Z0-9]/g, "");
} else {
// Remove any whitespace from usernames as that is not valid
this.username = this.username.replace(/\s/g, "_").substring(0, 100);
}
if (!this.realname) {
this.realname = "The Lounge User";
} else {
// Remove newlines from realnames
this.realname = this.realname.replace(/[\r\n]/g, "_").substring(0, 128);
}
this.username = cleanNick(this.username) || "thelounge";
this.realname = cleanString(this.realname) || "The Lounge User";
this.password = cleanString(this.password);
this.host = cleanString(this.host);
this.name = cleanString(this.name);
if (!this.port) {
this.port = this.tls ? 6697 : 6667;