Don't steal emoji who's shortcodes have dots or colons in their name

Mastodon at the very least seems to prevent the creation of emoji with dots in their name (and refuses to accept them in federation). It feels like being cautious in what we accept is reasonable here. Colons are the emoji separator and so obviously should be blocked. Perhaps instead of filtering out things like this we should just do a regex match on `[a-zA-Z0-9_-]`? But that's plausibly a decision for another day Perhaps we should also have a centralised "is this a valid emoji shortcode?" function
2024-02-20 11:31:29 +01:00 · 2024-02-20 11:31:29 +01:00 · b387f4a1c1
commit b387f4a1c1
parent 7d94476dd6
1 changed files with 1 additions and 1 deletions
--- a/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex
@ -77,7 +77,7 @@ def filter(%{"object" => %{"emoji" => foreign_emojis, "actor" => actor}} = messa
      new_emojis =
        foreign_emojis
        |> Enum.reject(fn {shortcode, _url} -> shortcode in installed_emoji end)
-        |> Enum.reject(fn {shortcode, _url} -> String.contains?(shortcode, ["/", "\\"]) end)
+        |> Enum.reject(fn {shortcode, _url} -> String.contains?(shortcode, ["/", "\\", ".", ":"]) end)
        |> Enum.filter(fn {shortcode, _url} ->
          reject_emoji? =
            [:mrf_steal_emoji, :rejected_shortcodes]