diff options
Diffstat (limited to 'juick-common/src/main/java/com/juick/server')
-rw-r--r-- | juick-common/src/main/java/com/juick/server/CommandsManager.java | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/juick-common/src/main/java/com/juick/server/CommandsManager.java b/juick-common/src/main/java/com/juick/server/CommandsManager.java index 82d293fed..ab55bba7e 100644 --- a/juick-common/src/main/java/com/juick/server/CommandsManager.java +++ b/juick-common/src/main/java/com/juick/server/CommandsManager.java @@ -29,9 +29,9 @@ import com.juick.server.helpers.CommandResult; import com.juick.server.helpers.TagStats; import com.juick.server.helpers.annotation.UserCommand; import com.juick.server.util.HttpUtils; -import com.juick.server.util.ImageUtils; import com.juick.server.util.TagUtils; import com.juick.service.*; +import com.juick.util.MessageUtils; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.math.NumberUtils; @@ -79,7 +79,8 @@ public class CommandsManager { private ImagesService imagesService; public CommandResult processCommand(User user, String data, @Nonnull URI attachment) throws Exception { - String input = StringUtils.stripStart(data, null); + String strippedData = StringUtils.stripStart(data, null); + String input = MessageUtils.stripNonSafeUrls(strippedData); Optional<Method> cmd = MethodUtils.getMethodsListWithAnnotation(getClass(), UserCommand.class).stream() .filter(m -> Pattern.compile(m.getAnnotation(UserCommand.class).pattern(), m.getAnnotation(UserCommand.class).patternFlags()).matcher(input).matches()) |