From: Dessalines Date: Thu, 1 Apr 2021 18:09:53 +0000 (-0400) Subject: Don't allow zero-space char in display name. Fixes #1317 X-Git-Url: http://these/git/%7B%60%24%7BghostArchiveUrl%7D/static/%7B%60%24%7BwebArchiveUrl%7D/save/%7B%60https:/%24%7Bsubmission.url%7D?a=commitdiff_plain;h=799ab94af313f635dbe4547ea2f9a85c3124fd11;p=lemmy.git Don't allow zero-space char in display name. Fixes #1317 --- diff --git a/crates/utils/src/test.rs b/crates/utils/src/test.rs index 04abd4b7..754aa8c3 100644 --- a/crates/utils/src/test.rs +++ b/crates/utils/src/test.rs @@ -32,6 +32,12 @@ fn test_valid_register_username() { fn test_valid_display_name() { assert!(is_valid_display_name("hello @there")); assert!(!is_valid_display_name("@hello there")); + + // Make sure zero-space with an @ doesn't work + assert!(!is_valid_display_name(&format!( + "{}@my name is", + '\u{200b}' + ))); } #[test] diff --git a/crates/utils/src/utils.rs b/crates/utils/src/utils.rs index 931565b6..732ac2c8 100644 --- a/crates/utils/src/utils.rs +++ b/crates/utils/src/utils.rs @@ -109,7 +109,10 @@ pub fn is_valid_username(name: &str) -> bool { // Can't do a regex here, reverse lookarounds not supported pub fn is_valid_display_name(name: &str) -> bool { - !name.starts_with('@') && name.chars().count() >= 3 && name.chars().count() <= 20 + !name.starts_with('@') + && !name.starts_with('\u{200b}') + && name.chars().count() >= 3 + && name.chars().count() <= 20 } pub fn is_valid_community_name(name: &str) -> bool {