diff --git a/CHANGELOG.md b/CHANGELOG.md index ea0d51d1..feac5dfe 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ All notable changes to this project will be documented in this file. - Update the read-only dashboard's CSS for better mobile support (#442) - Reduce the number of SQL queries used in the "Get Checks" API call - Add support for script's exit status in ping URLs (#429) +- Improve phone number sanitization: remove spaces and hyphens ## v1.17.0 - 2020-10-14 diff --git a/hc/front/forms.py b/hc/front/forms.py index b5f33626..14b82b6a 100644 --- a/hc/front/forms.py +++ b/hc/front/forms.py @@ -204,6 +204,7 @@ class AddSmsForm(forms.Form): v = self.cleaned_data["value"] stripped = v.encode("ascii", "ignore").decode("ascii") + stripped = stripped.replace(" ", "").replace("-", "") if not re.match(r"^\+\d{5,15}$", stripped): raise forms.ValidationError("Invalid phone number format.") diff --git a/hc/front/tests/test_add_sms.py b/hc/front/tests/test_add_sms.py index 73a6fe10..ca062820 100644 --- a/hc/front/tests/test_add_sms.py +++ b/hc/front/tests/test_add_sms.py @@ -75,3 +75,23 @@ class AddSmsTestCase(BaseTestCase): c = Channel.objects.get() self.assertEqual(c.phone_number, "+1234567890") + + def test_it_strips_hyphens(self): + form = {"label": "My Phone", "value": "+123-4567890"} + + self.client.login(username="alice@example.org", password="password") + r = self.client.post(self.url, form) + self.assertRedirects(r, self.channels_url) + + c = Channel.objects.get() + self.assertEqual(c.phone_number, "+1234567890") + + def test_it_strips_spaces(self): + form = {"label": "My Phone", "value": "+123 45 678 90"} + + self.client.login(username="alice@example.org", password="password") + r = self.client.post(self.url, form) + self.assertRedirects(r, self.channels_url) + + c = Channel.objects.get() + self.assertEqual(c.phone_number, "+1234567890")