diff options
author | Saptak S <saptak013@gmail.com> | 2024-03-08 20:50:37 +0530 |
---|---|---|
committer | Saptak S <saptak013@gmail.com> | 2024-03-08 21:00:19 +0530 |
commit | ad61786b0f317003586d175d0525094e63a782ca (patch) | |
tree | daa76580e6a59fbb350d0bef655af06588a1f213 | |
parent | fe7bd43f04275a17cb3ab0d31e9a2f5c1ae3e263 (diff) | |
download | onionshare-ad61786b0f317003586d175d0525094e63a782ca.tar.gz onionshare-ad61786b0f317003586d175d0525094e63a782ca.zip |
Allows only specific unicode characters for username
Added a function to remove all characters apart from characters which
fall under the unicode categories of letters and numbers. Also added a
list of allowed special characters.
-rw-r--r-- | cli/onionshare_cli/web/chat_mode.py | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/cli/onionshare_cli/web/chat_mode.py b/cli/onionshare_cli/web/chat_mode.py index 5a11eedd..dd151451 100644 --- a/cli/onionshare_cli/web/chat_mode.py +++ b/cli/onionshare_cli/web/chat_mode.py @@ -17,6 +17,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. """ +import unicodedata from flask import request, render_template, make_response, jsonify, session from flask_socketio import emit, ConnectionRefusedError @@ -47,11 +48,28 @@ class ChatModeWeb: self.define_routes() + def remove_unallowed_characters(self, text): + allowed_unicode_categories = [ + 'L', # All letters + 'N', # All numbers + ] + allowed_special_characters = [ + '-', # dash + '_', # underscore + ' ', # single space + ] + + def allowed_character(ch): + return unicodedata.category(ch)[0] in allowed_unicode_categories or ch in allowed_special_characters + + return "".join( + ch for ch in text if allowed_character(ch) + ) + def validate_username(self, username): - username = username.strip() + username = self.remove_unallowed_characters(username.strip()) return ( username - and username.isascii() and username not in self.connected_users and len(username) < 128 ) |