From 4e2dfef321f7a1b5f13cc214bc6bfc23cb8b1d9e Mon Sep 17 00:00:00 2001 From: Griatch Date: Thu, 21 Aug 2014 08:52:49 +0200 Subject: [PATCH] Added escaping of unicode text input of ASCII control characters and extended characters as per #551. --- src/server/serversession.py | 4 ++-- src/utils/utils.py | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/server/serversession.py b/src/server/serversession.py index 86f53b213d..674a89e17b 100644 --- a/src/server/serversession.py +++ b/src/server/serversession.py @@ -13,7 +13,7 @@ from django.conf import settings #from src.scripts.models import ScriptDB from src.comms.models import ChannelDB from src.utils import logger, utils -from src.utils.utils import make_iter, to_unicode +from src.utils.utils import make_iter, to_unicode, escape_control_sequences from src.commands.cmdhandler import cmdhandler from src.commands.cmdsethandler import CmdSetHandler from src.server.session import Session @@ -198,7 +198,7 @@ class ServerSession(Session): """ if text: # this is treated as a command input - text = to_unicode(text) + text = to_unicode(escape_control_sequences(text)) # handle the 'idle' command if text.strip() == IDLE_COMMAND: self.update_session_counters(idle=True) diff --git a/src/utils/utils.py b/src/utils/utils.py index e0f8e2da4b..dec72beab1 100644 --- a/src/utils/utils.py +++ b/src/utils/utils.py @@ -1095,3 +1095,10 @@ class lazy_property(object): value = self.func(obj) obj.__dict__[self.__name__] = value return value + +_RE_CONTROL_CHAR = re.compile('[%s]' % re.escape(''.join([unichr(c) for c in range(0,32) + range(127,160)]))) +def escape_control_sequences(string): + """ + remove non-print text sequences from string. + """ + return _RE_CONTROL_CHAR.sub('', string)