diff options
author | Vitaly Takmazov | 2018-05-08 21:46:36 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-05-08 21:46:36 +0300 |
commit | f9f4115b7baeb9a73b63ecda3397994961071373 (patch) | |
tree | debde6ef9a819f11677cbb6966c22ec755232529 /juick-common/src/main/java/com/juick/server | |
parent | 67c5a5eedcd1bf68ade678935392eace59af1c37 (diff) |
common: strip login urls from input
Diffstat (limited to 'juick-common/src/main/java/com/juick/server')
-rw-r--r-- | juick-common/src/main/java/com/juick/server/CommandsManager.java | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/juick-common/src/main/java/com/juick/server/CommandsManager.java b/juick-common/src/main/java/com/juick/server/CommandsManager.java index 82d293fe..ab55bba7 100644 --- a/juick-common/src/main/java/com/juick/server/CommandsManager.java +++ b/juick-common/src/main/java/com/juick/server/CommandsManager.java @@ -29,9 +29,9 @@ import com.juick.server.helpers.CommandResult; import com.juick.server.helpers.TagStats; import com.juick.server.helpers.annotation.UserCommand; import com.juick.server.util.HttpUtils; -import com.juick.server.util.ImageUtils; import com.juick.server.util.TagUtils; import com.juick.service.*; +import com.juick.util.MessageUtils; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.math.NumberUtils; @@ -79,7 +79,8 @@ public class CommandsManager { private ImagesService imagesService; public CommandResult processCommand(User user, String data, @Nonnull URI attachment) throws Exception { - String input = StringUtils.stripStart(data, null); + String strippedData = StringUtils.stripStart(data, null); + String input = MessageUtils.stripNonSafeUrls(strippedData); Optional<Method> cmd = MethodUtils.getMethodsListWithAnnotation(getClass(), UserCommand.class).stream() .filter(m -> Pattern.compile(m.getAnnotation(UserCommand.class).pattern(), m.getAnnotation(UserCommand.class).patternFlags()).matcher(input).matches()) |