search

witch-house / pronoun.is

Show people how to use pronouns!
http://pronoun.is
GNU Affero General Public License v3.0
929 stars 103 forks source link

pronoun.is allows duplicate or's #75

Closed llzes closed 6 years ago

llzes commented 6 years ago

Currently right now when you request for pronouns you can duplicate your request.

Example: http://pronoun.is/he/?or=he&or=he he/he/he

http://pronoun.is/he/?or=he&or=ze he/he/ze

I believe this is where the issue lies: pronoun.is/src/pronouns/pages.clj with the following code where it's allowing this maybe? I think:

(defn pronouns [params]
  (let [path (params :*)
        alts (or (params "or") [])
        pronouns (concat [path] (u/vec-coerce alts))
        pronoun-declensions (filter some? (map #(lookup-pronouns
                                                 (escape-html %))
                                               pronouns))]
    (if (seq pronoun-declensions)
      (format-pronoun-examples pronoun-declensions)
      (not-found))))

I haven't done clojure before so I'm unsure if this would be the fix for that or not:

alts (distinct (params "or") [])
;; or
alts (or (distinct (params "or") []))
;; or something else?

I'd be happy to make a pull request if that's the fix! Either way I think this project is really cute and it makes me happy to see on Twitter a lot. Thank you so much for doing this.

morganastra commented 6 years ago

I don't really think this is a bug; the user would have to explicitly request the same pronouns to show up as alternates multiple times, and while I'm not sure why you would want to, it also wouldn't be unexpected or make the site more difficult to use.

That said, if it's important to you to change this behavior I would accept a PR to do it. Please be sure to include tests that show it works as expected!