From a416c438da1cc94389aa96d97929b27f3c08e5a7 Mon Sep 17 00:00:00 2001 From: SethPattee <97485847+SethPattee@users.noreply.github.com> Date: Sun, 3 Nov 2024 07:43:27 -0700 Subject: [PATCH] Added + in username regex validator, Test + in username, issue #10414 (#12819) --- Jellyfin.Server.Implementations/Users/UserManager.cs | 2 +- .../Users/UserManagerTests.cs | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Jellyfin.Server.Implementations/Users/UserManager.cs b/Jellyfin.Server.Implementations/Users/UserManager.cs index 1b6635938b..c7ae0f4dbe 100644 --- a/Jellyfin.Server.Implementations/Users/UserManager.cs +++ b/Jellyfin.Server.Implementations/Users/UserManager.cs @@ -113,7 +113,7 @@ namespace Jellyfin.Server.Implementations.Users // This is some regex that matches only on unicode "word" characters, as well as -, _ and @ // In theory this will cut out most if not all 'control' characters which should help minimize any weirdness // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes (-), underscores (_), apostrophes ('), periods (.) and spaces ( ) - [GeneratedRegex(@"^[\w\ \-'._@]+$")] + [GeneratedRegex(@"^[\w\ \-'._@+]+$")] private static partial Regex ValidUsernameRegex(); /// diff --git a/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs b/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs index 295f558fad..665afe1118 100644 --- a/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs +++ b/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs @@ -10,6 +10,9 @@ namespace Jellyfin.Server.Implementations.Tests.Users [InlineData("this_is_valid")] [InlineData("this is also valid")] [InlineData("0@_-' .")] + [InlineData("Aa0@_-' .+")] + [InlineData("thisisa+testemail@test.foo")] + [InlineData("------@@@--+++----@@--abcdefghijklmn---------@----_-_-___-_ .9foo+")] public void ThrowIfInvalidUsername_WhenValidUsername_DoesNotThrowArgumentException(string username) { var ex = Record.Exception(() => UserManager.ThrowIfInvalidUsername(username));