From 10e5d52e48e2de443f51ad6031ef6ab524c8444e Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Wed, 12 Jul 2023 05:02:31 +0300
Subject: [PATCH] mass css validation

---
 files/routes/admin.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/files/routes/admin.py b/files/routes/admin.py
index 8b8ccd156..067c427b3 100644
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@@ -26,6 +26,26 @@ from files.routes.routehelpers import get_alt_graph, get_alt_graph_ids
 
 from .front import frontlist, comment_idlist
 
+
+@app.get('/admin/mass_css_validation')
+@limiter.limit(DEFAULT_RATELIMIT)
+@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
+@admin_level_required(5)
+def mass_css_validation(v):
+	users = g.db.query(User).filter(User.profilecss != None)
+	for u in users:
+		print(f'processing {u.id}', flush=True)
+		for i in css_url_regex.finditer(u.profilecss):
+			url = i.group(1)
+			if not is_safe_url(url):
+				print(f"wiped {u.id}\n{u.profilecss}", flush=True)
+				with open(f"wipe.log", "a", encoding="utf-8") as f:
+					f.write(f'{u.id}\n{u.profilecss}\n\n\n')
+				u.profilecss = None
+				g.db.add(u)
+				break
+	return 'success'
+
 @app.get('/admin/loggedin')
 @limiter.limit(DEFAULT_RATELIMIT)
 @limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)