Discourse/discourse
Discourse/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-09-07 12:02:53 +08:00
Code Packages Activity Actions 5

FIX: Escape regexp chars in SiteSetting.censored_words.

Browse source
This commit is contained in:
Rimian Perkins 2017-01-16 16:24:47 +11:00 committed by Guo Xiang Tan
parent 8fc7420f83
commit 25516874b5
3 changed files with 43 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/validators/censored_words_validator.rb
View file

@ -1,7 +1,7 @@
class CensoredWordsValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
if !SiteSetting.censored_words.blank? &&
!(censored_words = value.scan(/#{SiteSetting.censored_words}/i)).empty?
!(censored_words = value.scan(censored_words_regexp)).empty?
record.errors.add(
attribute, :contains_censored_words,
@ -22,6 +22,13 @@ class CensoredWordsValidator < ActiveModel::EachValidator
def join_censored_words(censored_words)
censored_words.map!(&:downcase)
censored_words.uniq!
censored_words.join(", ")
censored_words.join(", ".freeze)
end
def censored_words_regexp
Regexp.new(
SiteSetting.censored_words.split('|'.freeze).map! { |w| Regexp.escape(w) }.join('|'.freeze),
true
)
end
end