Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-29 18:16:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: proactively guard against homograph characters in website values

Browse Source
This commit is contained in:
Julian Lam
2022-01-31 17:02:48 -05:00
parent 322f103340
commit fa7dcdb968
1 changed files with 22 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/user/profile.js
View File

@@ -4,6 +4,7 @@
const _ = require('lodash'); const _ = require('lodash');
const validator = require('validator'); const validator = require('validator');
const winston = require('winston'); const winston = require('winston');
const punycode = require('punycode');
const utils = require('../utils'); const utils = require('../utils');
const slugify = require('../slugify'); const slugify = require('../slugify');
@@ -45,14 +46,28 @@ module.exports = function (User) {
data[field] = data[field].trim(); data[field] = data[field].trim();
if (field === 'email') { switch (field) {
return await updateEmail(updateUid, data.email); case 'email': {
} else if (field === 'username') { return await updateEmail(updateUid, data.email);
return await updateUsername(updateUid, data.username); }
} else if (field === 'fullname') {
return await updateFullname(updateUid, data.fullname); case 'username': {
return await updateUsername(updateUid, data.username);
}
case 'fullname': {
return await updateFullname(updateUid, data.fullname);
}
case 'website': {
updateData[field] = punycode.toASCII(data[field]);
break;
}
default: {
updateData[field] = data[field];
}
} }
updateData[field] = data[field];
})); }));
if (Object.keys(updateData).length) { if (Object.keys(updateData).length) {