From 480056de88b3a8205ff584e4950a6c117f991737 Mon Sep 17 00:00:00 2001 From: Côme Chilliet Date: Tue, 23 Nov 2021 09:10:38 +0100 Subject: Fix sanitizing regex and add a test case for uppercase in username MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I did not find any test data that would fail with the previous regex, but still added data with uppercase to at least test that. Signed-off-by: Côme Chilliet --- apps/user_ldap/lib/Access.php | 4 ++-- apps/user_ldap/tests/AccessTest.php | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'apps/user_ldap') diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php index d981bf0e54b..0af04747ded 100644 --- a/apps/user_ldap/lib/Access.php +++ b/apps/user_ldap/lib/Access.php @@ -1437,9 +1437,9 @@ class Access extends LDAPUtility { $name = htmlentities($name, ENT_NOQUOTES, 'UTF-8'); // Remove accents - $name = preg_replace('#&([A-za-z])(?:acute|cedil|caron|circ|grave|orn|ring|slash|th|tilde|uml);#', '\1', $name); + $name = preg_replace('#&([A-Za-z])(?:acute|cedil|caron|circ|grave|orn|ring|slash|th|tilde|uml);#', '\1', $name); // Remove ligatures - $name = preg_replace('#&([A-za-z]{2})(?:lig);#', '\1', $name); + $name = preg_replace('#&([A-Za-z]{2})(?:lig);#', '\1', $name); // Remove unknown leftover entities $name = preg_replace('#&[^;]+;#', '', $name); diff --git a/apps/user_ldap/tests/AccessTest.php b/apps/user_ldap/tests/AccessTest.php index c0cc856d143..c27477706ee 100644 --- a/apps/user_ldap/tests/AccessTest.php +++ b/apps/user_ldap/tests/AccessTest.php @@ -696,6 +696,7 @@ class AccessTest extends TestCase { ['debo rah', 'debo_rah'], ['epost@poste.test', 'epost@poste.test'], ['fränk', 'frank'], + [' UPPÉR Case/[\]^`', 'UPPER_Case'], [' gerda ', 'gerda'], ['🕱🐵🐘🐑', null], [ -- cgit v1.2.3