From 8f0bd88ed4f6cfc5feae0da746f839d356a10f53 Mon Sep 17 00:00:00 2001 From: Niels Andriesse Date: Mon, 21 Oct 2019 15:59:06 +1100 Subject: [PATCH] Limit allowed characters in display names --- Signal/src/Loki/Onboarding/DisplayNameVC.swift | 3 +++ Signal/src/ViewControllers/ProfileViewController.m | 5 +++++ Signal/translations/en.lproj/Localizable.strings | 1 + .../src/Loki/API/Public Chat/LokiPublicChatMessage.swift | 2 +- 4 files changed, 10 insertions(+), 1 deletion(-) diff --git a/Signal/src/Loki/Onboarding/DisplayNameVC.swift b/Signal/src/Loki/Onboarding/DisplayNameVC.swift index ae6640cc2..09562e594 100644 --- a/Signal/src/Loki/Onboarding/DisplayNameVC.swift +++ b/Signal/src/Loki/Onboarding/DisplayNameVC.swift @@ -58,6 +58,9 @@ final class DisplayNameVC : OnboardingBaseViewController { guard !displayName.isEmpty else { return OWSAlerts.showErrorAlert(message: NSLocalizedString("Please pick a display name", comment: "")) } + guard displayName.allSatisfy({ "0"..."9" ~= $0 || "a"..."z" ~= $0 || "A"..."Z" ~= $0 || $0 == "_" }) else { + return OWSAlerts.showErrorAlert(message: NSLocalizedString("Please pick a display name that consists of only a-z, A-Z, 0-9 and _ characters", comment: "")) + } guard !OWSProfileManager.shared().isProfileNameTooLong(displayName) else { return OWSAlerts.showErrorAlert(message: NSLocalizedString("Please pick a shorter display name", comment: "")) } diff --git a/Signal/src/ViewControllers/ProfileViewController.m b/Signal/src/ViewControllers/ProfileViewController.m index 3dad86d17..cae7e38c6 100644 --- a/Signal/src/ViewControllers/ProfileViewController.m +++ b/Signal/src/ViewControllers/ProfileViewController.m @@ -398,6 +398,11 @@ NSString *const kProfileView_LastPresentedDate = @"kProfileView_LastPresentedDat return [OWSAlerts showErrorAlertWithMessage:NSLocalizedString(@"Please pick a display name", @"")]; } + NSCharacterSet *allowedCharacters = [NSCharacterSet characterSetWithCharactersInString:@"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_"]; + if ([normalizedProfileName rangeOfCharacterFromSet:allowedCharacters.invertedSet].location != NSNotFound) { + return [OWSAlerts showErrorAlertWithMessage:NSLocalizedString(@"Please pick a display name that consists of only a-z, A-Z, 0-9 and _ characters", @"")]; + } + if ([OWSProfileManager.sharedManager isProfileNameTooLong:normalizedProfileName]) { return [OWSAlerts showErrorAlertWithMessage:NSLocalizedString(@"Please pick a shorter display name", @"")]; } diff --git a/Signal/translations/en.lproj/Localizable.strings b/Signal/translations/en.lproj/Localizable.strings index d7f1d61e3..f03da6c17 100644 --- a/Signal/translations/en.lproj/Localizable.strings +++ b/Signal/translations/en.lproj/Localizable.strings @@ -2647,3 +2647,4 @@ "Enter the URL of the public chat you'd like to join. The Loki Public Chat URL is https://chat.lokinet.org." = "Enter the URL of the public chat you'd like to join. The Loki Public Chat URL is https://chat.lokinet.org."; "Connecting..." = "Connecting..."; "Couldn't Connect" = "Couldn't Connect"; +"Please pick a display name that consists of only a-z, A-Z, 0-9 and _ characters" = "Please pick a display name that consists of only a-z, A-Z, 0-9 and _ characters"; diff --git a/SignalServiceKit/src/Loki/API/Public Chat/LokiPublicChatMessage.swift b/SignalServiceKit/src/Loki/API/Public Chat/LokiPublicChatMessage.swift index 95ec03859..067a20737 100644 --- a/SignalServiceKit/src/Loki/API/Public Chat/LokiPublicChatMessage.swift +++ b/SignalServiceKit/src/Loki/API/Public Chat/LokiPublicChatMessage.swift @@ -120,7 +120,7 @@ public final class LokiPublicChatMessage : NSObject { let attachmentAnnotations: [JSON] = attachments.map { attachment in let type = attachment.contentType.hasPrefix("image") ? "photo" : "video" // TODO: We should do better than this var attachmentValue: JSON = [ - // Field required by the .NET API + // Fields required by the .NET API "version" : 1, "type" : type, // Custom fields "lokiType" : attachment.kind.rawValue, "server" : attachment.server, "id" : attachment.serverID, "contentType" : attachment.contentType, "size" : attachment.size, "fileName" : attachment.fileName, "flags" : attachment.flags, "width" : attachment.width, "height" : attachment.height, "url" : attachment.url