diff options
author | Tony Antonov <MM263@users.noreply.github.com> | 2020-07-10 19:15:53 -0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-10 21:15:53 -0400 |
commit | 8d2465989230fae7d9aae334a67a726fd6ced912 (patch) | |
tree | d24ddd793036463314a63b201860221dc37503f4 /server | |
parent | 7a9a973c897ee9ebd68c071e2e17e561567004b6 (diff) |
Forbid users to use empty titles for posts (#930)
- Add a regex that checks if string contains anything but whitespace
- Check for whitespace-only titles on post creation and edit
- Trim whitespace from titles before saving
- Add frontend validation to title
Diffstat (limited to 'server')
-rw-r--r-- | server/lemmy_utils/src/lib.rs | 15 | ||||
-rw-r--r-- | server/src/api/post.rs | 14 |
2 files changed, 26 insertions, 3 deletions
diff --git a/server/lemmy_utils/src/lib.rs b/server/lemmy_utils/src/lib.rs index f576ea00..bbee8500 100644 --- a/server/lemmy_utils/src/lib.rs +++ b/server/lemmy_utils/src/lib.rs @@ -158,12 +158,17 @@ pub fn is_valid_community_name(name: &str) -> bool { VALID_COMMUNITY_NAME_REGEX.is_match(name) } +pub fn is_valid_post_title(title: &str) -> bool { + VALID_POST_TITLE_REGEX.is_match(title) +} + #[cfg(test)] mod tests { use crate::{ is_email_regex, is_valid_community_name, is_valid_username, + is_valid_post_title, remove_slurs, scrape_text_for_mentions, slur_check, @@ -205,6 +210,15 @@ mod tests { } #[test] + fn test_valid_post_title() { + assert!(is_valid_post_title("Post Title")); + assert!(is_valid_post_title(" POST TITLE 😃😃😃😃😃")); + assert!(!is_valid_post_title("\n \n \n \n ")); // tabs/spaces/newlines + } + + + + #[test] fn test_slur_filter() { let test = "coons test dindu ladyboy tranny retardeds. Capitalized Niggerz. This is a bunch of other safe text."; @@ -249,6 +263,7 @@ lazy_static! { static ref MENTIONS_REGEX: Regex = Regex::new(r"@(?P<name>[\w.]+)@(?P<domain>[a-zA-Z0-9._:-]+)").unwrap(); static ref VALID_USERNAME_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9_]{3,20}$").unwrap(); static ref VALID_COMMUNITY_NAME_REGEX: Regex = Regex::new(r"^[a-z0-9_]{3,20}$").unwrap(); + static ref VALID_POST_TITLE_REGEX: Regex = Regex::new(r".*\S.*").unwrap(); pub static ref WEBFINGER_COMMUNITY_REGEX: Regex = Regex::new(&format!( "^group:([a-z0-9_]{{3, 20}})@{}$", Settings::get().hostname diff --git a/server/src/api/post.rs b/server/src/api/post.rs index c56a00df..cbdb976c 100644 --- a/server/src/api/post.rs +++ b/server/src/api/post.rs @@ -28,7 +28,7 @@ use lemmy_db::{ Saveable, SortType, }; -use lemmy_utils::{make_apub_endpoint, slur_check, slurs_vec_to_str, EndpointType}; +use lemmy_utils::{is_valid_post_title, make_apub_endpoint, slur_check, slurs_vec_to_str, EndpointType}; use serde::{Deserialize, Serialize}; use std::str::FromStr; @@ -135,6 +135,10 @@ impl Perform for Oper<CreatePost> { } } + if !is_valid_post_title(&data.name) { + return Err(APIError::err("invalid_post_title").into()); + } + let user_id = claims.id; // Check for a community ban @@ -156,7 +160,7 @@ impl Perform for Oper<CreatePost> { fetch_iframely_and_pictrs_data(&self.client, data.url.to_owned()).await; let post_form = PostForm { - name: data.name.to_owned(), + name: data.name.trim().to_owned(), url: data.url.to_owned(), body: data.body.to_owned(), community_id: data.community_id, @@ -516,6 +520,10 @@ impl Perform for Oper<EditPost> { } } + if !is_valid_post_title(&data.name) { + return Err(APIError::err("invalid_post_title").into()); + } + let claims = match Claims::decode(&data.auth) { Ok(claims) => claims.claims, Err(_e) => return Err(APIError::err("not_logged_in").into()), @@ -565,7 +573,7 @@ impl Perform for Oper<EditPost> { let read_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??; let post_form = PostForm { - name: data.name.to_owned(), + name: data.name.trim().to_owned(), url: data.url.to_owned(), body: data.body.to_owned(), creator_id: data.creator_id.to_owned(), |