Conversation:

Notices

1. Adam Moore (LÆMEUR) (laemeur)'s status on Tuesday, 01-Mar-2016 18:08:54 EST Adam Moore (LÆMEUR)

   Remote profile options...

   • hume‮
   Nicely done. Luckily, the effect only goes as far as the end of the encapsulating HTML block-level element. Maaaybe the !gnusocial group would be interested to know that funny Unicode characters in a user's display name can wreak a small degree of havoc on page rendering. I don't know if they should be filtered or not, thought. There are legitimate uses for RIGHT-TO-LEFT-OVERRIDE (U+202E) in names ...aren't there?
   • MMN-o ✅⃠ (mmn)'s status on Tuesday, 01-Mar-2016 18:21:52 EST MMN-o ✅⃠

     Remote profile options...

     • Adam Moore (LÆMEUR)
     @laemeur Hm, apparently we only remove those things on stuff run through common_purify() (i.e. notice HTML content), in: function common_remove_unicode_formatting($text) { // Strip Unicode text formatting/direction codes // this is pretty dangerous for visualisation of text and can be used for mischief return preg_replace('/[\\x{200b}-\\x{200f}\\x{202a}-\\x{202e}]/u', …
   • MMN-o ✅⃠ (mmn)'s status on Wednesday, 02-Mar-2016 05:10:44 EST MMN-o ✅⃠

     Remote profile options...

     • Adam Moore (LÆMEUR)
     @laemeur And if it's the "userX likes this", it's something that has (or at least should've) passed through common_purify.
     Perhaps it doesn't do that on some of those auto-generated things, but then it's a bug that should be fixed. But at least it does that when spreading to other servers, so potential confusion harm is minimised.
   • MMN-o ✅⃠ (mmn)'s status on Wednesday, 02-Mar-2016 06:15:49 EST MMN-o ✅⃠

     Remote profile options...

     • mcscx
     • Adam Moore (LÆMEUR)
     This is pretty. cc: @laemeur https://social.umeahackerspace.se/attachment/57725