From f351dc786b7ae7a9003cf9b3a22b2c025a8a0371 Mon Sep 17 00:00:00 2001
From: href <href@random.sh>
Date: Sat, 17 Feb 2018 10:41:57 +0100
Subject: txt: fix against malicious filenames (aka 'fuck you shiv')

---
 lib/lsg_irc/text_trigger_handler.ex | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib')

diff --git a/lib/lsg_irc/text_trigger_handler.ex b/lib/lsg_irc/text_trigger_handler.ex
index 0e9ef50..e8331f5 100644
--- a/lib/lsg_irc/text_trigger_handler.ex
+++ b/lib/lsg_irc/text_trigger_handler.ex
@@ -209,6 +209,7 @@ defmodule LSG.IRC.TxtHandler do
     |> String.replace("ç", "c")
     |> String.replace("ï", "i")
     |> String.replace("î", "i")
+    |> String.replace(~r/[^a-z0-9]/, "")
 
     {trigger, opts}
   end
-- 
cgit v1.2.3