diff --git a/src/mfm/parser.ts b/src/mfm/parser.ts index ae2ae72463..6980b36ea0 100644 --- a/src/mfm/parser.ts +++ b/src/mfm/parser.ts @@ -275,7 +275,7 @@ const mfm = P.createLanguage({ mention: r => P((input, i) => { const text = input.substr(i); - const match = text.match(/^@[a-z0-9_]+(?:@[a-z0-9\.\-]+[a-z0-9])?/i); + const match = text.match(/^@\w([\w-]*\w)?(?:@[\w\.\-]+\w)?/); if (!match) return P.makeFailure(i, 'not a mention'); if (input[i - 1] != null && input[i - 1].match(/[a-z0-9]/i)) return P.makeFailure(i, 'not a mention'); return P.makeSuccess(i + match[0].length, match[0]); diff --git a/src/models/user.ts b/src/models/user.ts index 0b19ffa7ba..19291a2cbe 100644 --- a/src/models/user.ts +++ b/src/models/user.ts @@ -155,7 +155,7 @@ export const isRemoteUser = (user: any): user is IRemoteUser => //#region Validators export function validateUsername(username: string, remote?: boolean): boolean { - return typeof username == 'string' && (remote ? /^\w+([\w\.-]+\w+)?$/ : /^[a-zA-Z0-9_]{1,20}$/).test(username); + return typeof username == 'string' && (remote ? /^\w([\w-]*\w)?$/ : /^\w{1,20}$/).test(username); } export function validatePassword(password: string): boolean { diff --git a/src/server/api/endpoints/users/search.ts b/src/server/api/endpoints/users/search.ts index f7f1794962..86b16dcbb1 100644 --- a/src/server/api/endpoints/users/search.ts +++ b/src/server/api/endpoints/users/search.ts @@ -53,7 +53,7 @@ export const meta = { }; export default define(meta, (ps, me) => new Promise(async (res, rej) => { - const isUsername = validateUsername(ps.query.replace('@', ''), true); + const isUsername = validateUsername(ps.query.replace('@', ''), !ps.localOnly); let users: IUser[] = []; diff --git a/test/mfm.ts b/test/mfm.ts index 0611076473..dee1bb2aea 100644 --- a/test/mfm.ts +++ b/test/mfm.ts @@ -168,6 +168,22 @@ describe('Text', () => { ]), node('mention', { acct: '@a', canonical: '@a', username: 'a', host: null }) ], tokens3); + + const tokens4 = analyze('@\n@v\n@veryverylongusername' /* \n@toolongtobeasamention */ ); + assert.deepEqual([ + text('@\n'), + node('mention', { acct: '@v', canonical: '@v', username: 'v', host: null }), + text('\n'), + node('mention', { acct: '@veryverylongusername', canonical: '@veryverylongusername', username: 'veryverylongusername', host: null }), + // text('\n@toolongtobeasamention') + ], tokens4); + /* + const tokens5 = analyze('@domain_is@valid.example.com\n@domain_is@.invalid\n@domain_is@invali.d\n@domain_is@invali.d\n@domain_is@-invalid.com\n@domain_is@invalid-.com'); + assert.deepEqual([ + node('mention', { acct: '@domain_is@valid.example.com', canonical: '@domain_is@valid.example.com', username: 'domain_is', host: 'valid.example.com' }), + text('\n@domain_is@.invalid\n@domain_is@invali.d\n@domain_is@invali.d\n@domain_is@-invalid.com\n@domain_is@invalid-.com') + ], tokens5); + */ }); });