github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-26 12:05:25 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Correctly censor strings starting or ending with non-word characters (#6445)

Browse Source
This commit is contained in:
David Taylor
2018-10-04 15:15:10 +01:00
committed by GitHub
parent 361ad7ed2b
commit 3c2608d41c
2 changed files with 26 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/assets/javascripts/pretty-text/censored-words.js.es6
View File

@ -2,6 +2,10 @@ function escapeRegexp(text) {
return text.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&").replace(/\*/g, "S*"); return text.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&").replace(/\*/g, "S*");
} }
function createCensorRegexp(patterns) {
return new RegExp(`((?<!\\w)(?:${patterns.join("|")}))(?!\\w)`, "ig");
}
export function censorFn( export function censorFn(
censoredWords, censoredWords,
replacementLetter, replacementLetter,
@ -28,10 +32,7 @@ export function censorFn(
"ig" "ig"
); );
} else { } else {
censorRegexp = new RegExp( censorRegexp = createCensorRegexp(patterns);
"(\\b(?:" + patterns.join("|") + ")\\b)(?![^\\(]*\\))",
"ig"
);
} }
if (censorRegexp) { if (censorRegexp) {
@ -53,10 +54,7 @@ export function censorFn(
replacementLetter replacementLetter
); );
text = text.replace( text = text.replace(
new RegExp( createCensorRegexp([escapeRegexp(m[0])]),
`(\\b${escapeRegexp(m[0])}\\b)(?![^\\(]*\\))`,
"ig"
),
replacement replacement
); );
} }

21
test/javascripts/lib/pretty-text-test.js.es6
View File

@ -16,7 +16,7 @@ const rawOpts = {
enable_markdown_linkify: true, enable_markdown_linkify: true,
markdown_linkify_tlds: "com" markdown_linkify_tlds: "com"
}, },
censoredWords: "shucks|whiz|whizzer|a**le|badword*", censoredWords: "shucks|whiz|whizzer|a**le|badword*|shuck$|café|$uper",
getURL: url => url getURL: url => url
}; };
@ -959,6 +959,25 @@ QUnit.test("censoring", assert => {
"<p>I have a pen, I have an ■■■■■</p>", "<p>I have a pen, I have an ■■■■■</p>",
"it escapes regexp chars" "it escapes regexp chars"
); );
assert.cooked(
"Aw shuck$, I can't fix the problem with money",
"<p>Aw ■■■■■■, I can't fix the problem with money</p>",
"it works for words ending in non-word characters"
);
assert.cooked(
"Let's go to a café today",
"<p>Let's go to a ■■■■ today</p>",
"it works for words ending in accented characters"
);
assert.cooked(
"Discourse is $uper amazing",
"<p>Discourse is ■■■■■ amazing</p>",
"it works for words starting with non-word characters"
);
assert.cooked( assert.cooked(
"No badword or apple here plz.", "No badword or apple here plz.",
"<p>No ■■■■■■■ or ■■■■■ here plz.</p>", "<p>No ■■■■■■■ or ■■■■■ here plz.</p>",