schinken
commented
9 years ago Do you have a good method to filter those characters? I don't want to maintain a whitelist
Maybe this?
userInput = userInput.replace(/[\u200B-\u200D\uFEFF]/g, '');Closed izzy closed 9 years ago
schinken
commented
9 years ago Do you have a good method to filter those characters? I don't want to maintain a whitelist
Maybe this?
userInput = userInput.replace(/[\u200B-\u200D\uFEFF]/g, '');
izzy
commented
9 years ago Of course, a whitelist of UTF8 chars would be too tedious. Generally, there is no reason to block chars, except for a simple, small list of really bad characters. But I'm not sure which characters you would want to replace that are not already handled by your app. But for a general Idea:
For those whitespaces: The German Wikipedia has a nice list.
schinken
commented
9 years ago I'm currently thinking about integrating this functionality to the server instead to the frontend.
This is just for me as a reminder: ;)
[\xA0\u1680\u2002-\u200b\u202F\u205F\u2060\u3000\uFEFF]+
Whitespace chars like U+200B should not be allowed as they allow the creation of optically identical usernames.