From bb7e5a369d5b9acf934765715eaf404f9f3c2dc1 Mon Sep 17 00:00:00 2001
From: Benjamin Neff <benjamin@coding4coffee.ch>
Date: Mon, 5 Jun 2023 23:35:31 +0200
Subject: [PATCH] Correctly escape username pattern regex

Without the escaping, the backslash doesn't get renderet in the frontend
which leads to some browsers (chrome >= 114?) just allowing every input.
---
 app/views/registrations/_form.haml | 2 +-
 app/views/sessions/_form.haml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/registrations/_form.haml b/app/views/registrations/_form.haml
index b9f99cfa5..5f3198881 100644
--- a/app/views/registrations/_form.haml
+++ b/app/views/registrations/_form.haml
@@ -32,7 +32,7 @@
                    placeholder: t("registrations.new.username"),
                    title:       t("registrations.new.enter_username"),
                    required:    true,
-                   pattern:     "[A-Za-z0-9_.\-]+",
+                   pattern:     "[A-Za-z0-9_.\\-]+",
                    aria:        {labelledby: "usernameLabel"}
 
     - if mobile
diff --git a/app/views/sessions/_form.haml b/app/views/sessions/_form.haml
index 4f480f1ad..fbefeaefc 100644
--- a/app/views/sessions/_form.haml
+++ b/app/views/sessions/_form.haml
@@ -19,7 +19,7 @@
                    placeholder: t("registrations.new.username"),
                    class: "input-block-level form-control",
                    required: true,
-                   pattern: "[A-Za-z0-9_.@\-]+",
+                   pattern: "[A-Za-z0-9_.@\\-]+",
                    autocapitalize: "none",
                    autocorrect: "off",
                    autofocus: true,