From 32c385e8d7dd55194de1904462afc73b38a1542e Mon Sep 17 00:00:00 2001
From: Tom Hughes
Date: Sun, 15 Jun 2014 16:30:55 +0100
Subject: [PATCH] Probit control characters in user names
---
 app/models/user.rb | 2 +-
 test/models/user_test.rb | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/app/models/user.rb b/app/models/user.rb
index b27e0cda5..9bfb96776 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -42,7 +42,7 @@ class User < ActiveRecord::Base
 validates_length_of :display_name, :within => 3..255, :allow_nil => true
 validates_email_format_of :email, :if => Proc.new { |u| u.email_changed? }
 validates_email_format_of :new_email, :allow_blank => true, :if => Proc.new { |u| u.new_email_changed? }
- validates_format_of :display_name, :with => /\A[^\/;.,?%#]*\z/, :if => Proc.new { |u| u.display_name_changed? }
+ validates_format_of :display_name, :with => /\A[^\x00-\x1f\x7f\/;.,?%#]*\z/, :if => Proc.new { |u| u.display_name_changed? }
 validates_format_of :display_name, :with => /\A\S/, :message => "has leading whitespace", :if => Proc.new { |u| u.display_name_changed? }
 validates_format_of :display_name, :with => /\S\z/, :message => "has trailing whitespace", :if => Proc.new { |u| u.display_name_changed? }
 validates_numericality_of :home_lat, :allow_nil => true
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index 7f24469f6..15bd64ccc 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -86,7 +86,8 @@ class UserTest < ActiveSupport::TestCase
 # These need to be 3 chars in length, otherwise the length test above
 # should be used.
 bad = [ "
", "test@example.com", "s/f", "aa/", "aa;", "aa.",
- "aa,", "aa?", "/;.,?", "も対応します/", "#ping" ]
+ "aa,", "aa?", "/;.,?", "も対応します/", "#ping",
+ "foo\x1fbar", "foo\x7fbar" ]
 ok.each do |display_name|
 user = users(:normal_user)
 user.display_name = display_name
--
2.43.2
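Review bot: The new character class on the `validates_format_of :display_name` line in app/models/user.rb rejects only the ASCII C0 range and DEL, so C1 controls (U+0080–U+009F) and Unicode format characters such as bidirectional overrides and zero-width characters still pass, and these can make one display name render like another. If that is in scope, the class could use Unicode properties instead, e.g. `/\A[^\p{Cc}\p{Cf}\/;.,?%#]*\z/`, though `\p{Cf}` also covers joiners that some scripts need, so a narrower list may be the right policy. The rule also runs only when `display_name_changed?` is true, so names stored before this change are not re-checked; a one-off audit of existing rows would close that gap. The User class body continues outside the hunk.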
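Review bot: The two cases added to `bad` in test/models/user_test.rb exercise only the top of the C0 range (`\x1f`) and DEL, so a later edit that narrows the class from the bottom, or swaps `\A`/`\z` for line anchors and lets an embedded newline through, would not be caught. I would add the lower bound and the common whitespace controls, e.g. `"foo\x00bar", "foo\nbar", "foo\tbar"`, each still at least three characters as the comment above the list requires. The test method starts and ends outside the hunk.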