From 679cf4930052aa891e146b6bb5e4d1b12a08ceec Mon Sep 17 00:00:00 2001
From: Lukas Haase <lukas.haase@mni.thm.de>
Date: Wed, 25 Nov 2020 12:25:07 +0100
Subject: [PATCH] limit special characters, encode special characters

---
 .../room-creator-page.component.html          |  4 ++--
 .../room-creator-page.component.ts            |  9 +++++++--
 .../room-create/room-create.component.html    |  3 +++
 .../room-create/room-create.component.ts      | 19 +++++++++++++++++--
 4 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/src/app/components/creator/room-creator-page/room-creator-page.component.html b/src/app/components/creator/room-creator-page/room-creator-page.component.html
index 0773fd256..ebd272068 100644
--- a/src/app/components/creator/room-creator-page/room-creator-page.component.html
+++ b/src/app/components/creator/room-creator-page/room-creator-page.component.html
@@ -103,7 +103,7 @@
             <button id="gavel-button"
                     mat-icon-button
                     [disableRipple]="true"
-                    routerLink="/moderator/room/{{ room.shortId }}/moderator/comments"
+                    routerLink="/moderator/room/{{ encodedShortId }}/moderator/comments"
                     aria-labelledby="gavel">
               <mat-icon matBadge="{{moderatorCommentCounter > 0 ? moderatorCommentCounter : null}}"
                         class="main-icon"
@@ -121,7 +121,7 @@
           <button id="question_answer-button2"
                   mat-icon-button
                   [disableRipple]="true"
-                  routerLink="/creator/room/{{ room.shortId }}/comments"
+                  routerLink="/creator/room/{{ encodedShortId }}/comments"
                   aria-labelledby="question_answer">
             <mat-icon matBadge="{{commentCounter > 0 ? commentCounter : null}}"
                       class="main-icon">question_answer
diff --git a/src/app/components/creator/room-creator-page/room-creator-page.component.ts b/src/app/components/creator/room-creator-page/room-creator-page.component.ts
index f47f4fab4..c4de29222 100644
--- a/src/app/components/creator/room-creator-page/room-creator-page.component.ts
+++ b/src/app/components/creator/room-creator-page/room-creator-page.component.ts
@@ -29,6 +29,7 @@ import { KeyboardKey } from '../../../utils/keyboard/keys';
 })
 export class RoomCreatorPageComponent extends RoomPageComponent implements OnInit, OnDestroy, AfterContentInit {
   room: Room;
+  encodedShortId: string;
   updRoom: Room;
   commentThreshold: number;
   updCommentThreshold: number;
@@ -62,9 +63,13 @@ export class RoomCreatorPageComponent extends RoomPageComponent implements OnIni
   ngOnInit() {
     window.scroll(0, 0);
     this.translateService.use(localStorage.getItem('currentLang'));
-
     this.route.params.subscribe(params => {
       this.initializeRoom(params['shortId']);
+      this.encodedShortId = encodeURIComponent(params['shortId'])
+        .replace('\~', '%7E')
+        .replace('\.', '%2E')
+        .replace('\_', '%5F')
+        .replace('\-', '%2D');
     });
     this.listenerFn = this._r.listen(document, 'keyup', (event) => {
       const lang: string = this.translateService.currentLang;
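Review bot: Each `.replace('\~', '%7E')` call in the added chain takes a string pattern, so it rewrites only the first occurrence, and the backslashes inside the literals have no effect; a short id such as `a.b.c` ends up with one dot encoded and the other left as is. The result is used for the copied URL in the next hunk, and the same chain builds the `setAccess` key in room-create.component.ts, so the encoding should be canonical: `.replace(/[~._-]/g, c => '%' + c.charCodeAt(0).toString(16).toUpperCase())`. The chain is written out three times across the two components, and a single shared helper would keep those sites from drifting apart. ngOnInit continues past the end of this hunk.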
@@ -241,7 +246,7 @@ export class RoomCreatorPageComponent extends RoomPageComponent implements OnIni
     selBox.style.left = '0';
     selBox.style.top = '0';
     selBox.style.opacity = '0';
-    selBox.value = `${this.urlToCopy}${this.room.shortId}`;
+    selBox.value = `${this.urlToCopy}${this.encodedShortId}`;
     document.body.appendChild(selBox);
     selBox.focus();
     selBox.select();
diff --git a/src/app/components/shared/_dialogs/room-create/room-create.component.html b/src/app/components/shared/_dialogs/room-create/room-create.component.html
index e98a114ee..83c40046a 100644
--- a/src/app/components/shared/_dialogs/room-create/room-create.component.html
+++ b/src/app/components/shared/_dialogs/room-create/room-create.component.html
@@ -42,6 +42,9 @@
       <mat-hint align="start"
                 class="error"
                 *ngIf="shortIdAlreadyUsed"><strong>{{ 'home-page.invalid-shortid' | translate }}</strong></mat-hint>
+      <mat-hint align="start"
+                class="error"
+                *ngIf="shortIdCharInvalid"><strong>invalid</strong></mat-hint>
     </mat-form-field>
   </div>
 </form>
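Review bot: The new hint renders the hard-coded text `invalid`, while the sibling hint just above it goes through the translate pipe with `'home-page.invalid-shortid'`. The message should use a translation key as well, e.g. `<strong>{{ '<new-translation-key>' | translate }}</strong>` (placeholder key, to be added to the language files). It should also say which characters are allowed, since the user otherwise cannot tell what to change.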
diff --git a/src/app/components/shared/_dialogs/room-create/room-create.component.ts b/src/app/components/shared/_dialogs/room-create/room-create.component.ts
index bb3dcbb0b..f3e05fef0 100644
--- a/src/app/components/shared/_dialogs/room-create/room-create.component.ts
+++ b/src/app/components/shared/_dialogs/room-create/room-create.component.ts
@@ -21,6 +21,7 @@ export class RoomCreateComponent implements OnInit {
   customShortIdName: string;
   emptyInputs = false;
   shortIdAlreadyUsed = false;
+  shortIdCharInvalid = false;
   room: Room;
   roomId: string;
   user: User;
@@ -68,6 +69,12 @@ export class RoomCreateComponent implements OnInit {
     newRoom.abbreviation = '00000000';
     newRoom.description = '';
     if (this.hasCustomShortId && this.customShortIdName && this.customShortIdName.length > 0) {
+      if (!new RegExp('[a-z,A-Z,\s,\-,\.,\_,\~]+').test(this.customShortIdName)) {
+        this.shortIdCharInvalid = true;
+        return;
+      } else {
+        this.shortIdCharInvalid = false;
+      }
       newRoom.shortId = this.customShortIdName;
     } else {
       newRoom.shortId = undefined;
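Review bot: The added check does not restrict the short id to the listed characters, because the pattern is unanchored: `test()` succeeds as soon as one allowed character appears anywhere, so an id like `a/<b>` passes. The pattern is also built from a string literal, so `\s`, `\-` and `\.` lose their backslashes before RegExp sees them; the class then matches a literal `s` rather than whitespace, and the commas are accepted as characters instead of acting as separators. An anchored regex literal states the intent: `if (!/^[A-Za-z\s._~-]+$/.test(this.customShortIdName)) {`. This check runs only in the client, so the backend presumably needs the same allow-list, which is not visible here. The enclosing method starts and ends outside the hunk.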
@@ -81,9 +88,17 @@ export class RoomCreateComponent implements OnInit {
       this.translateService.get('home-page.created-1').subscribe(msg => { msg1 = msg; });
       this.translateService.get('home-page.created-2').subscribe(msg => { msg2 = msg; });
       this.notification.show(msg1 + longRoomName + msg2);
-      this.authenticationService.setAccess(encodeURIComponent(this.room.shortId), UserRole.CREATOR);
+      this.authenticationService.setAccess(encodeURIComponent(this.customShortIdName)
+      .replace('\~', '%7E')
+      .replace('\.', '%2E')
+      .replace('\_', '%5F')
+      .replace('\-', '%2D'), UserRole.CREATOR);
       this.authenticationService.assignRole(UserRole.CREATOR);
-      this.router.navigate(['/creator/room/' + encodeURIComponent(this.room.shortId) ]);
+      this.router.navigate(['/creator/room/' + encodeURIComponent(this.customShortIdName)
+      .replace('\~', '%7E')
+      .replace('\.', '%2E')
+      .replace('\_', '%5F')
+      .replace('\-', '%2D') ]);
       this.closeDialog();
     });
   }
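Review bot: When no custom short id is chosen, `this.customShortIdName` is unset or stale, so `encodeURIComponent(this.customShortIdName)` in the new `setAccess` and `router.navigate` calls can yield the string `undefined` or an id that does not match the created room. The earlier hunk still sets `newRoom.shortId = undefined` in that path, so the id has to come from the created room, as the removed lines did: take `const id = this.room.shortId;` and encode that in both calls. Otherwise the creator role is recorded under a key that is not the room's id. This assumes `this.room` is populated from the create response above the hunk, which is not visible here.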
-- 
GitLab