From c3e29d685079dd1090c305b84172983ed347a63c Mon Sep 17 00:00:00 2001
From: Cerapter <cerap@protonmail.com>
Date: Thu, 30 Aug 2018 13:32:09 +0200
Subject: [PATCH] Stopped people from using Unicode format characters to
 pretend to be the server.

---
 server/aoprotocol.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server/aoprotocol.py b/server/aoprotocol.py
index 5bc94bb..8313a36 100644
--- a/server/aoprotocol.py
+++ b/server/aoprotocol.py
@@ -26,6 +26,7 @@ from .exceptions import ClientError, AreaError, ArgumentError, ServerError
 from .fantacrypt import fanta_decrypt
 from .evidence import EvidenceList
 from .websocket import WebSocket
+import unicodedata
 
 
 class AOProtocol(asyncio.Protocol):
@@ -440,6 +441,10 @@ class AOProtocol(asyncio.Protocol):
         if len(self.client.name) > 30:
             self.client.send_host_message('Your OOC name is too long! Limit it to 30 characters.')
             return
+        for c in self.client.name:
+            if unicodedata.category(c) == 'Cf':
+                self.client.send_host_message('You cannot use format characters in your name!')
+                return
         if self.client.name.startswith(self.server.config['hostname']) or self.client.name.startswith('<dollar>G'):
             self.client.send_host_message('That name is reserved!')
             return