Hello,
I am currently working on a Radio system. The message label which appears uses RichText to make the username “prefix” bold and the rest of the text normal.
However I noticed a unintended feature where users could insert their own RichText elements and change the text.
Like for example if they wrote <b>Hello</b> in chat it would display a bold text in the radio.
How would I go about “sanitizing” the text so that stuff like that wont happen?
Thanks in advance.
Have you unchecked the “RichText” option of the Textbox?
I might just use two text labels, one rich text and the other not, using the TextBounds property to position the second one
You could theoretically use gsub to actually remove it but thatd be pretty hard
My system uses RichText, so that’s not a option unfortunantely.
As mentioned you could remove the tags altogether but perhaps the player actually wants to display something like "<b>Hello</b>". In general it’s likely best to just replace all “special” characters with their escaped forms instead:
local Text = '<b>Hello</b>'
local replace = {
['<'] = '<',
['>'] = '>',
['"'] = '"',
["'"] = ''',
['&'] = '&'
}
local res = string.gsub(Text, "([<>'\"\&])", replace)
print(res) --> <b>Hello</b>
All the escape forms of characters are listed here: