Do you have to filter richtext components of a string?

7z99 · March 1, 2022, 2:59am

Hello!

I was just wondering if I have to filter richtext components of a string? Sometimes when you use a richtext tag, it causes the whole message to become tagged so that’s why I’m wondering if this was something that really had to be filtered, even if it was something that wasn’t visually displayed to the user.

For example, let’s say I have this string: hi, do I have to send the whole string through the filter or could I just send the word “hi” through the filter?

TheH0meLands · March 1, 2022, 3:27am

You can do string:gsub() to remove the rich text element and then filter it. Like this

local thing = " <b>nice</b> "
thing = thing:gsub("<b>", "")
thing = thing:gsub("</b>", "")
filter here

7z99 · March 1, 2022, 3:28am

Right but would this be a violation of the tos?

TheH0meLands · March 1, 2022, 3:29am

Nope, rich text can cause false-positives. So i dont think it break tos. Just solves a problem

MP3Face · March 1, 2022, 3:30am

If it is text sent from a client to the server, and the server shows that text to any players including the sender, it has to be filtered.
How are you formatting the rich text? You can prepend/append the rich text flags to an existing string to make it easier, or better yet use string formatting. Something like:

local string = --[get filtered text]
string = string.format("<b>%s<b>", string)

7z99 · March 1, 2022, 3:32am

(cc @TheH0meLands)

I’m giving the players the option to input their own text, they might choose to put rich text tags if they wish which is why I’m kinda on the fence about suppressing the rich text and then adding it back

MP3Face · March 1, 2022, 3:37am

That’s still possible, given a bit of complex work. You’d be able to string.split or string.gsub out the actual text, save the flags elsewhere, filter the text then recombine them together. The flags shouldn’t need filtering assuming you assert they are actual flags and not sneaking swearwords inbetween <>'s (if they don’t evaluate in RichText, they display normal, ie “< [swear word] >hello< [swear word] >”

Easier though may be to add GUI buttons to allow them to customize… like a checkbox to make it bold/italic. Lot less headache and processing to do than figuring out what they type in-between < and >

7z99 · March 1, 2022, 3:47am

Actually probably wouldn’t be too difficult, you just have to check if what they’re inputting is valid (string.match for hex codes/rgb(n,n,n)

Then checking if something’s invalid probably wouldn’t be too difficult, especially paired with the ContentText property.