strip escape codes from player-supplied input #3925
Labels
No Label
1. kind/balancing
1. kind/breaking
1. kind/bug
1. kind/construction
1. kind/documentation
1. kind/enhancement
1. kind/griefing
1. kind/invalid
1. kind/meme
1. kind/node limit
1. kind/other
1. kind/protocol
2. prio/controversial
2. prio/critical
2. prio/elevated
2. prio/good first issue
2. prio/interesting
2. prio/low
3. source/art
3. source/client
3. source/engine
3. source/ingame
3. source/integration
3. source/lag
3. source/license
3. source/mod upstream
3. source/unknown
3. source/website
4. step/approved
4. step/at work
4. step/blocked
4. step/discussion
4. step/help wanted
4. step/needs confirmation
4. step/partially fixed
4. step/question
4. step/ready to deploy
4. step/ready to QA test
4. step/want approval
5. result/cannot reproduce
5. result/duplicate
5. result/fixed
5. result/maybe
5. result/wontfix
ugh/petz
ugh/QA main
ugh/QA NOK
ugh/QA OK
No Milestone
No project
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: your-land/bugtracker#3925
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
someone has been abusing this, see your-land/reports#509
we can certainly strip color codes out of any chat message sent by a user, if we so wish. i can't see any reason why we'd want that enabled.
and if color codes are possible, it should also be possible to send translator codes, which has ... weird possibilities, but i don't think anything malicious. but probably those should be stripped too.
That's a UI problem and this is my approach:
DMs, Basic chat, be it in channels or in the open need to be decided by the RECEIVER which colour they are in, because they may have a preference, disability or use case for a certain colour.
Books, posters and signposts, anything that a receiver can opt out of receiving may be the colour the SENDER decides on.
Those colours should be configurable via yl_settings per account.
So, yes, let's strip colour codes out of messages for now until yl_settings.
i think those have their own way of coloring text, and don't require "actual" escape sequences involving
\033
?@AliasAlreadyTaken actually it seems like stripping color codes from chat is not something that's easy to do in lua, but there's a setting
e66e583f5e/builtin/settingtypes.txt (L733-L735)
strip_color_codes = true
in minetest.confEDIT: that setting also strips non-color-code escape sequences, so no need to worry about translation escapes and other possibilities.
This setting is already on true.
i've tested the behavior of the following things w/ colored escape sequences:
so far as i can tell, escape sequences get stripped (or just don't work) with the vast majority of things, the exceptions being mail and the body of posters, and i don't feel like their usage there could be considered abuse.
so, i think that setting is all we need to do for this.
oh. so it is O_O. why isn't it working then...
email to Bla:
it was a command block, see #3922 (comment)
closing this as a dupe of #3922, which somehow never saw.