How to prevent bypass with markdown (Word blacklist system)
I've created a word-blacklist system that works decently. I remove all spaces from the message content, then use regex to match for blacklisted words, and if there's a match, delete the message.
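```js
// Strip all whitespace so "b a d" is compared as "bad".
const msgContent = message.content.replace(/\s/g, '');
let foundBlacklist = false;
for (const word of data.Words) {
  // Each blacklist entry is used as a case-insensitive pattern.
  const regex = new RegExp(word, 'gi');
  if (regex.test(msgContent)) {
    foundBlacklist = true;
  }
}
// Delete the message if any blacklisted word matched.
if (foundBlacklist) {
  message.delete().catch(err => console.log(`There was an error trying to delete that message: ${err}`));
}
```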
The problem is that it's very easy to use markdown to bypass this: if `bad` is a blacklisted word, simply doing `b*a*d` to make it italic would make the message content `b*a*d`, and the regex won't match. This of course applies to underline, strikethrough, etc., where `b__ad__` or `**b**ad` etc. won't match either.
How could this be prevented?
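One way to close the gap described in the question, shown as an added example that is not part of the original post: strip Discord's markdown formatting characters together with whitespace before comparing. The function names, the character set, and the choice to treat blacklist entries as literal strings rather than regex patterns are assumptions.

```javascript
// Added example; sample inputs at the bottom are constructed for illustration.

// Characters Discord uses as markdown syntax: * _ ~ | ` > and the
// backslash escape. Assumed set; extend it if other formatting is in use.
const MARKDOWN_CHARS = /[*_~|`>\\]/g;

// Reduce text to the canonical form the blacklist is compared against.
function normalizeForBlacklist(content) {
  return content
    .replace(/\s/g, '')          // same whitespace removal as the question's code
    .replace(MARKDOWN_CHARS, '') // drop formatting characters such as * and __
    .toLowerCase();              // case-insensitive comparison
}

// Return the blacklist entries found in the message (empty array if none).
// Entries are normalized the same way and matched as literal substrings,
// so regex metacharacters in an entry cannot change the match.
function findBlacklisted(content, words) {
  const normalized = normalizeForBlacklist(content);
  return words.filter((word) => {
    const needle = normalizeForBlacklist(word);
    return needle.length > 0 && normalized.includes(needle);
  });
}

// Constructed sample messages: the bypasses named in the question plus a clean one.
const sampleWords = ['bad'];
const sampleMessages = ['b*a*d', 'b__ad__', '**b**ad', '~~B~~ a ||d||', 'hello there'];
for (const msg of sampleMessages) {
  const hits = findBlacklisted(msg, sampleWords);
  console.log(JSON.stringify(msg), '->', hits.length > 0 ? 'blocked' : 'allowed');
}
```

In the message handler, `findBlacklisted(message.content, data.Words).length > 0` would take the place of the `foundBlacklist` loop.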
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
