unexBot
Users on reddit can escape from the spoiler formatting
Hello,
I've noticed recently a few posts on /r/unexpected where users managed to break the formatting in the pinned comment from the bot.
Example 1: https://www.reddit.com/r/Unexpected/comments/oqgv46/it_has_pockets/
/!\ NSFW video in the following topic /!
Example 2: https://www.reddit.com/r/Unexpected/comments/oqovwk/headbanging_to_another_level/
If a user adds special formatting characters in his "explanation" (%{Reason} in the code), it can break the spoiler formatting, and then his explanation can ruin the "unexpected" aspect of the post a bit.
I would suggest adding some kind of input sanitization before replacing the %{Reason} var in the comment to be replied.
Removing most special characters from the var should probably do the trick!
Thanks!
Hmm, in the first example the text is marked as a spoiler for me, but I can see it in the second post. It doesn't seem to be the most pressing issue, but it is something that I'll work on the next time I rework parts of the bot. I'm quite busy with studies at the moment, but I will tend to it eventually.
Could we replace all special characters with ones that escape then append the spoiler tags at beginning and end? New to this so would you mess around here? https://github.com/Artraxon/unexBot/commit/5b3407028ef9fbcfc338f1492fd970df54d87f0b#diff-25a6634263c1b1f6fc4697a04e2b9904ea4b042a89af59dc93ec1f5d44848a26
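A sketch of the escaping approach discussed in this thread, added here as an example and not taken from the unexBot code base: the user's text is flattened to one line and every markdown-significant character is backslash-escaped before it replaces `%{Reason}`. The function names, the template, the length limit and the exact character set are assumptions; it also assumes Reddit markdown honours backslash escapes for these characters.

```python
import re

# Assumed set of characters that carry meaning in Reddit markdown,
# including "!", "<" and ">" used by the >!spoiler!< delimiters.
_MD_SPECIAL = re.compile(r"([\\`*_~^#\[\]()!<>|])")
_CONTROL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")
_WHITESPACE = re.compile(r"\s+")

MAX_REASON_LEN = 300                     # constructed limit, not a value from the bot
PLACEHOLDER = "%{Reason}"                # variable name as given in the issue text
EMPTY_REASON = "(no explanation given)"  # hypothetical fallback text


def sanitize_reason(reason: str) -> str:
    """Return the user's text as literal, single-line markdown."""
    text = _CONTROL.sub("", reason)
    # A paragraph break would end an inline span, so flatten to one line.
    text = _WHITESPACE.sub(" ", text).strip()
    # Truncate before escaping so no escape sequence is cut in half.
    text = text[:MAX_REASON_LEN]
    # Single pass: each special character, backslash included, gets one "\".
    return _MD_SPECIAL.sub(r"\\\1", text)


def render_comment(template: str, reason: str) -> str:
    """Fill the placeholder; the template itself supplies the spoiler tags."""
    safe = sanitize_reason(reason) or EMPTY_REASON
    return template.replace(PLACEHOLDER, safe)


if __name__ == "__main__":
    # Constructed template and inputs, for illustration only.
    template = "OP's explanation: >!%{Reason}!<"
    samples = [
        "the cat jumps",
        "it ends!< **bold** text",
        "line one\n\nline two",
        "",
    ]
    for sample in samples:
        print(render_comment(template, sample))
```

Escaping keeps the user's wording readable, whereas stripping characters outright would alter it; in both cases the spoiler delimiters come only from the template.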