[bugfix] use start + end line in regex when validating emoji via API (#2671)

This commit is contained in:
tobi 2024-02-20 11:46:04 +01:00 committed by GitHub
parent ddfc725744
commit 65a273bc39
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 61 additions and 3 deletions

View file

@ -47,6 +47,7 @@ const (
mentionFinder = `(?:^|\s)(@` + usernameGrp + `+(?:@` + domainGrp + `+)?)` // Extract all mentions from a text, each mention may include domain. mentionFinder = `(?:^|\s)(@` + usernameGrp + `+(?:@` + domainGrp + `+)?)` // Extract all mentions from a text, each mention may include domain.
emojiShortcode = `\w{2,30}` // Pattern for emoji shortcodes. maximumEmojiShortcodeLength = 30 emojiShortcode = `\w{2,30}` // Pattern for emoji shortcodes. maximumEmojiShortcodeLength = 30
emojiFinder = `(?:\b)?:(` + emojiShortcode + `):(?:\b)?` // Extract all emoji shortcodes from a text. emojiFinder = `(?:\b)?:(` + emojiShortcode + `):(?:\b)?` // Extract all emoji shortcodes from a text.
emojiValidator = `^` + emojiShortcode + `$` // Validate a single emoji shortcode.
usernameStrict = `^[a-z0-9_]{1,64}$` // Pattern for usernames on THIS instance. maximumUsernameLength = 64 usernameStrict = `^[a-z0-9_]{1,64}$` // Pattern for usernames on THIS instance. maximumUsernameLength = 64
usernameRelaxed = `[a-z0-9_\.]{1,}` // Relaxed version of username that can match instance accounts too. usernameRelaxed = `[a-z0-9_\.]{1,}` // Relaxed version of username that can match instance accounts too.
misskeyReportNotesFinder = `(?m)(?:^Note: ((?:http|https):\/\/.*)$)` // Extract reported Note URIs from the text of a Misskey report/flag. misskeyReportNotesFinder = `(?m)(?:^Note: ((?:http|https):\/\/.*)$)` // Extract reported Note URIs from the text of a Misskey report/flag.
@ -95,8 +96,8 @@ var (
// MentionFinder extracts whole mentions from a piece of text. // MentionFinder extracts whole mentions from a piece of text.
MentionFinder = regexp.MustCompile(mentionFinder) MentionFinder = regexp.MustCompile(mentionFinder)
// EmojiShortcode validates an emoji name. // EmojiValidator validates an emoji shortcode.
EmojiShortcode = regexp.MustCompile(emojiShortcode) EmojiValidator = regexp.MustCompile(emojiValidator)
// EmojiFinder extracts emoji strings from a piece of text. // EmojiFinder extracts emoji strings from a piece of text.
// See: https://regex101.com/r/478XGM/1 // See: https://regex101.com/r/478XGM/1

View file

@ -191,7 +191,7 @@ func CustomCSS(customCSS string) error {
// for emoji shortcodes, to figure out whether it's a valid shortcode, ie., 2-30 characters, // for emoji shortcodes, to figure out whether it's a valid shortcode, ie., 2-30 characters,
// a-zA-Z, numbers, and underscores. // a-zA-Z, numbers, and underscores.
func EmojiShortcode(shortcode string) error { func EmojiShortcode(shortcode string) error {
if !regexes.EmojiShortcode.MatchString(shortcode) { if !regexes.EmojiValidator.MatchString(shortcode) {
return fmt.Errorf("shortcode %s did not pass validation, must be between 2 and 30 characters, letters, numbers, and underscores only", shortcode) return fmt.Errorf("shortcode %s did not pass validation, must be between 2 and 30 characters, letters, numbers, and underscores only", shortcode)
} }
return nil return nil

View file

@ -321,6 +321,63 @@ func (suite *ValidationTestSuite) TestValidateCustomCSSTooLongUnicode() {
suite.EqualError(err, "custom_css must be less than 5 characters, but submitted custom_css was 10 characters") suite.EqualError(err, "custom_css must be less than 5 characters, but submitted custom_css was 10 characters")
} }
func (suite *ValidationTestSuite) TestValidateEmojiShortcode() {
type testStruct struct {
shortcode string
ok bool
}
for _, test := range []testStruct{
{
shortcode: "peepee",
ok: true,
},
{
shortcode: "poo-poo",
ok: false,
},
{
shortcode: "-peepee",
ok: false,
},
{
shortcode: "p",
ok: false,
},
{
shortcode: "pp",
ok: true,
},
{
shortcode: "6969",
ok: true,
},
{
shortcode: "__peepee",
ok: true,
},
{
shortcode: "_",
ok: false,
},
{
// Too long.
shortcode: "_XxX_Ultimate_Gamer_dude_6969_420_",
ok: false,
},
{
shortcode: "_XxX_Ultimate_Gamer_dude_6969_",
ok: true,
},
} {
err := validate.EmojiShortcode(test.shortcode)
ok := err == nil
if !suite.Equal(test.ok, ok) {
suite.T().Logf("fail on %s", test.shortcode)
}
}
}
func TestValidationTestSuite(t *testing.T) { func TestValidationTestSuite(t *testing.T) {
suite.Run(t, new(ValidationTestSuite)) suite.Run(t, new(ValidationTestSuite))
} }