diff options
| author | href <href@random.sh> | 2018-02-17 10:41:57 +0100 |
|---|---|---|
| committer | href <href@random.sh> | 2018-02-17 10:41:57 +0100 |
| commit | f351dc786b7ae7a9003cf9b3a22b2c025a8a0371 (patch) | |
| tree | c604b2a11be88f84dd01bc6ebb7745cc86221d9c | |
| parent | update (diff) | |
txt: fix against malicious filenames (aka 'fuck you shiv')
| -rw-r--r-- | lib/lsg_irc/text_trigger_handler.ex | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/lsg_irc/text_trigger_handler.ex b/lib/lsg_irc/text_trigger_handler.ex index 0e9ef50..e8331f5 100644 --- a/lib/lsg_irc/text_trigger_handler.ex +++ b/lib/lsg_irc/text_trigger_handler.ex @@ -209,6 +209,7 @@ defmodule LSG.IRC.TxtHandler do |> String.replace("ç", "c") |> String.replace("ï", "i") |> String.replace("î", "i") + |> String.replace(~r/[^a-z0-9]/, "") {trigger, opts} end |