From 9cb2ca3383787213336c5afcc2a496f20f6ea649 Mon Sep 17 00:00:00 2001
From: Pavel Djundik <xPaw@users.noreply.github.com>
Date: Thu, 7 Mar 2019 10:46:06 +0200
Subject: [PATCH] Sanitize user and real names

---
 src/models/network.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/models/network.js b/src/models/network.js
index 09a06b77..b169d2aa 100644
--- a/src/models/network.js
+++ b/src/models/network.js
@@ -70,14 +70,20 @@ Network.prototype.validate = function(client) {
 		this.nick = this.nick.substring(0, 100);
 	}
 
-	this.setNick(String(this.nick || Helper.getDefaultNick()).replace(" ", "_"));
+	this.setNick(String(this.nick || Helper.getDefaultNick()).replace(/\s/g, "_"));
 
 	if (!this.username) {
 		this.username = this.nick.replace(/[^a-zA-Z0-9]/g, "");
+	} else {
+		// Remove any whitespace from usernames as that is not valid
+		this.username = this.username.replace(/\s/g, "_").substring(0, 100);
 	}
 
 	if (!this.realname) {
 		this.realname = "The Lounge User";
+	} else {
+		// Remove newlines from realnames
+		this.realname = this.realname.replace(/[\r\n]/g, "_").substring(0, 128);
 	}
 
 	if (!this.port) {