diff --git a/Jellyfin.Server.Implementations/Users/UserManager.cs b/Jellyfin.Server.Implementations/Users/UserManager.cs index 41f1ac3519..269a3b7662 100644 --- a/Jellyfin.Server.Implementations/Users/UserManager.cs +++ b/Jellyfin.Server.Implementations/Users/UserManager.cs @@ -109,10 +109,10 @@ namespace Jellyfin.Server.Implementations.Users } } - // This is some regex that matches only on unicode "word" characters, as well as -, _ and @ + // This is some regex that matches only on unicode "word" characters, as well as -, _, @, and + // In theory this will cut out most if not all 'control' characters which should help minimize any weirdness - // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes (-), underscores (_), apostrophes ('), periods (.) and spaces ( ) - [GeneratedRegex(@"^[\w\ \-'._@]+$")] + // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes (-), underscores (_), apostrophes ('), periods (.), plus-signs (+), and spaces ( ) + [GeneratedRegex("^[\\w\\ \\-\\+'._@]+$")] private static partial Regex ValidUsernameRegex(); /// diff --git a/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs b/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs index 867dda29d6..da6d492d2b 100644 --- a/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs +++ b/tests/Jellyfin.Server.Implementations.Tests/Users/UserManagerTests.cs @@ -9,7 +9,12 @@ namespace Jellyfin.Server.Implementations.Tests.Users [Theory] [InlineData("this_is_valid")] [InlineData("this is also valid")] + [InlineData("this+too")] [InlineData("0@_-' .")] + [InlineData("john+doe")] + [InlineData("JöhnDøë")] + [InlineData("Jö hn+Døë")] + [InlineData("Jö hn+Døë@")] public void ThrowIfInvalidUsername_WhenValidUsername_DoesNotThrowArgumentException(string username) { var ex = Record.Exception(() => UserManager.ThrowIfInvalidUsername(username));