forked from rDrama/rDrama
1
0
Fork 0
Commit Graph

632 Commits (8df58b6421e3b20052683e642d084b7f3097b3e1)

Author SHA1 Message Date
Aevann1 227d074da7 remove redundant "noreferrer" 2022-10-29 23:46:35 +02:00
Aevann1 06314f92b1 remove referrer from html tags 2022-10-29 23:42:30 +02:00
Aevann1 b816973f38 ignore subdomains in banned_domains logic 2022-10-28 20:12:40 +02:00
Aevann1 1a35e2ec6a refactor banned domains 2022-10-28 00:37:29 +02:00
Aevann1 c8f24eab1b fix videos 2022-10-23 10:57:13 +02:00
justcool393 578e1896fd sanitize: strip out html comments
they're unnecessary and never get rendered
2022-10-20 18:06:55 -05:00
Aevann1 3c3950adb0 change video tags 2022-10-20 22:26:43 +02:00
justcool393 cb35480ee6 sanitize: replace cuneiform ban with an overline ban 2022-10-20 09:44:32 -05:00
justcool393 b92535c286 pings bypass permission 2022-10-12 02:36:29 -07:00
justcool393 87fd8ee57a comment sanity checks and constantization
* make HTML body length a constant and use it
* abort before uploads and other tasks if comment level is too deep
* what a nightmare of two functions, please do better next time
2022-10-09 05:54:46 -07:00
official-techsupport 4e23161f11
Re-enable showmore_regex for Snappy (#389)
* Re-enable showmore_regex for Snappy

* showmore a bit more aggressively
2022-10-06 02:17:28 -04:00
Aevann1 168f18893f change wording of an error msg 2022-10-06 07:08:48 +02:00
justcool393 093ced7b20 introduce constant for post and title length 2022-10-05 16:35:44 -07:00
justcool393 88ae00deef sanitize raw bodies 2022-10-05 16:35:44 -07:00
justcool393 19b2f71c3b improve raw title sanitization and don't check the same thing like 5 times 2022-10-05 16:35:44 -07:00
justcool393 f901d5af05
show raw unicode codes instead of the actual characters 2022-10-04 15:29:00 -07:00
justcool393 4c71bd6b5c
fake colon 2022-10-04 14:33:23 -07:00
Aevann1 dee46a9306 revert an earlier change for video and audio files in sanitize() 2022-10-01 19:42:34 +02:00
Aevann1 3006da3f8f increase sanitize timeout limit from 2 seconds to 5 seconds 2022-09-29 12:34:09 +02:00
Aevann1 b9d3336a9e nitter shit 2022-09-29 07:53:37 +02:00
official-techsupport bd8b96c1f5
fix the TLD matching to exclude numbers (#371) 2022-09-24 18:06:53 -04:00
official-techsupport 0ff839d396
Accept any TLDS (#369) 2022-09-24 02:04:09 +02:00
Aevann1 bb4e21b2f0 fix utm regex 2022-09-23 15:23:11 +02:00
Aevann1 2fb4ebdcb0 minor sanitize refactor 2022-09-16 18:30:34 +02:00
Aevann1 b3d2fca506 remove kf replacing 2022-09-12 13:59:49 +02:00
Aevann1 47890d771d add Marsey Submission UI 2022-09-09 11:13:50 +02:00
Aevann1 0f232b264c refactor torture_ap 2022-09-05 22:05:04 +02:00
Aevann1 959e08bb83 make marsify not count towards /marseys 2022-09-05 10:49:34 +02:00
Aevann1 0271d4488f do this https://rdrama.org/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2658067?context=8#context 2022-09-05 03:43:07 +02:00
Aevann1 0c32d56cd6 casino + style shit 2022-09-05 01:15:37 +02:00
Aevann1 a0579b40e0 restore metadata for audio 2022-09-03 05:39:35 +02:00
Aevann1 28dbe0d6ab fix WPD slowness 2022-09-03 05:34:06 +02:00
Aevann1 083371f20f keep_blank_values 2022-09-01 22:46:57 +02:00
Aevann1 523bfd93c5 show first frame of video 2022-09-01 22:43:11 +02:00
official-techsupport a9eeb29b9b
fix showmore quadratic behavior (#343) 2022-08-30 23:19:53 +02:00
Aevann1 2dcd1288d7 Revert "adjust audio and video embedding"
This reverts commit e9d98e158c.
2022-08-26 20:15:26 +02:00
Aevann1 0b786477fc support all existing TLDs 2022-08-25 17:04:25 +02:00
Aevann1 75ad5b34f2 fix youtube embedding 2022-08-25 00:02:06 +02:00
Aevann1 3c9145ee60 add .world tld 2022-08-23 00:13:32 +02:00
Aevann1 fbbd6f9be8 fix prev commit 2022-08-21 19:22:18 +02:00
Aevann1 663904fb3d steal the parts I wanted from spidey's PR 2022-08-21 19:20:09 +02:00
Aevann1 fb2437574f change ping_limit to be 3 for comments, and 50 for posts 2022-08-21 17:05:32 +02:00
Aevann1 0e0f414cc9 add .farm TLD 2022-08-21 15:29:35 +02:00
Aevann1 7084e71c57 fix pinging 2022-08-20 23:39:01 +02:00
Aevann1 e9d98e158c adjust audio and video embedding 2022-08-20 22:32:28 +02:00
Aevann1 d8c6b575de fix pinging 2022-08-19 15:10:39 +02:00
Aevann1 5234c8ef21 remove weird spaes 2022-08-17 22:30:07 +02:00
Aevann1 0715ab3e64 fix multipinging (hopefully this doesnt break other shit) 2022-08-17 21:41:09 +02:00
Aevann1 0cae055403 remove weird spaces annoying me 2022-08-17 21:25:57 +02:00
Aevann1 b9453bac03 replace "https://imgur.com/" with "https://i.imgur.com/" for the sake of mobilecels 2022-08-13 07:06:53 +02:00
Snakes 55c1ad859e
Disable showmore logic on posts. 2022-08-10 17:34:15 -04:00
Snakes 8b241a765a
Check URI approved embed in all CSS contexts. 2022-08-05 13:09:41 -04:00
Aevann1 981692550f fix ping limiting being applies on all instances of "sanitize()" 2022-08-05 17:14:22 +02:00
Aevann1 d069550284 fix issue with showmore button breaking divs 2022-08-04 21:31:13 +02:00
Aevann1 347604c433 make non-jannies unable to ping more than 3 ppl 2022-07-29 15:23:34 +02:00
Snakes d06ea7d349 LGB: disable markup commands. 2022-07-19 21:20:52 -04:00
Aevann1 636e5e1254 fix camas.unddit.com 2022-07-15 15:27:45 +02:00
Aevann1 8da96d40f7 replace search.marsey.cat with camas.unddit.com 2022-07-15 15:00:51 +02:00
Aevann1 e3d2d24d94 fix this https://chapotraphouse.club/post/85005/chadblack2-soymad-soycry-soymad-black-man/2294928?context=8#context 2022-07-13 18:48:53 +02:00
Aevann1 dcc63c7834 add more image validation (to fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2298173?context=8#context) 2022-07-12 22:30:00 +02:00
Aevann1 fb73fa0612 add target="_blank" to all external urls 2022-07-12 22:29:27 +02:00
Aevann1 b5d9db86d1 refactor comment commands 2022-07-11 14:14:18 +02:00
Aevann1 1549508e49 make :marseyunpettable: unpettable 2022-07-08 17:39:54 +02:00
Snakes b66bfdcab9 sanitize.with_sigalrm_timeout: functools.wrap fix. 2022-07-06 05:01:48 -04:00
official-techsupport 548030fcf1 fix exceptions in sanitize leaving SIGALRM on 2022-07-06 04:46:00 -04:00
Aevann1 1115c1a574 fix reddit domain replacement 2022-07-04 05:08:33 +02:00
Aevann1 c0c5057ab9 make reddit_domain_regex work with user profiles too 2022-07-04 03:12:28 +02:00
Aevann1 076fad1108 fix 403 errors on unrelated text 2022-07-03 05:42:15 +02:00
Aevann1 3bfe9e984b don't allow URLs with '\\' in them 2022-07-03 04:03:40 +02:00
Aevann1 bce4c13043 kitchen sink commit, all over the place 2022-07-02 12:44:05 +02:00
Aevann1 6ec0d25034 strip sanitized text 2022-07-02 12:12:52 +02:00
Aevann1 77c1f96383 remove empty anchor tags 2022-07-02 02:54:59 +02:00
Aevann1 28786342dc fix snappy archiving images 2022-07-02 02:25:58 +02:00
Aevann1 cba02b9e4b fix issue with code blocks 2022-07-01 01:01:10 +02:00
Aevann1 aa53296d07 Revert "remove "filter" from allowed styles"
This reverts commit 14d929623e.
2022-07-01 00:18:05 +02:00
Aevann1 14d929623e remove "filter" from allowed styles 2022-07-01 00:03:32 +02:00
Aevann1 790a814b36 make "show more" button look nicer 2022-06-29 04:35:52 +02:00
Aevann1 e7460874e9 double the timeout duration for sanitize() 2022-06-29 03:39:33 +02:00
Aevann1 b6a5d010ca add "show more..." button 2022-06-29 02:55:44 +02:00
Aevann1 3ed41a0835 remove insane number of line breaks in rendered HTML 2022-06-29 01:53:41 +02:00
Aevann1 b873492dd0 fix strikethrough, v2 2022-06-28 07:52:29 +02:00
Aevann1 50121f6960 fixed strikethrough 2022-06-28 07:41:21 +02:00
Aevann1 46c9c719d0 fixed 500 error 2022-06-27 04:22:12 +02:00
Aevann1 b5d993569f embed rework 2022-06-27 03:00:45 +02:00
Snakes aaf718c78c Fix timeout in sanitize from link_fix_regex.
h/t to @official-techsupport for finding and help fixing this bug.
When given certain pathological input, `sanitize` would time out
(notably only on posts, rather than comments, perhaps due to the
longer maximum length of input). For example, using as input the
result of:

    with open("test.txt", "w") as f:
        for i in range(26):
            f.write(f":{chr(ord('a') + i)}: ")
        f.write('x' * 20_000)

We believe this to be because of some combination of the greedy
quantifiers and the negative lookahead before the match. The regex
was rewritten to (in theory) have much more linear performance.
2022-06-25 01:28:43 -04:00
Aevann1 2c1d1aceff fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2178607?context=8#context 2022-06-23 21:43:49 +02:00
Aevann1 39cf7fc48b refactor normalizing urls at runtime (I put the function in comment.py cuz there were weird import errors that i didnt wanna fix) 2022-06-23 17:47:57 +02:00
Aevann1 e42227ab67 add glowie marseys 2022-06-23 02:34:37 +02:00
Aevann1 0e1177843e remove the need for alert flag on sanitize() 2022-06-23 00:12:47 +02:00
Snakes 26273d0997 Revert "delete empty <a> tags to prevent exploits"
This reverts commit 5f78b4e365.

This commit is breaking @-mentions in a great many contexts and
I'm not quite sure how to fix it right now.
2022-06-22 18:00:23 -04:00
Aevann1 5f78b4e365 delete empty <a> tags to prevent exploits 2022-06-22 23:12:02 +02:00
Aevann1 20585ca543 add a shortened endpoint for static images and rename loading.webp to l.webp (to save bytes) 2022-06-22 17:51:19 +02:00
Snakes 4166b2d2f0 Content: chadsoy x2, more neo-gTLDs. 2022-06-21 01:03:33 -04:00
Snakes dee8eb5154 Replace loading.webp with new marseyloading. 2022-06-19 22:15:33 -04:00
Aevann1 7c5e8c04b0 add .dev tld 2022-06-19 22:32:12 +02:00
Aevann1 3eb788103c allow only ascii characters in links (https://rdrama.net/comment/2150032) 2022-06-19 19:25:55 +02:00
Aevann1 5ddde69ac9 greentext fix 2022-06-19 17:22:06 +02:00
Aevann1 45b1b61760 added greentext 2022-06-19 17:05:50 +02:00
Snakes e5193cbd46 Fix mention sanitize when `g.v` not present.
This bug was discovered when lottery.check_if_end_lottery_task was
failing due to a stack trace thru end_lottery session < badge_grant
< send_repeatable_notifications < sanitize L208. In particular, when
`flask cron` (helpers/cron.py) executes, it does not set g.v, whereas
this code previously assumed that g.v : (None + User) and did not
check for its presence.
2022-06-18 21:22:04 -04:00
Aevann1 453d83856e add .press tld 2022-06-18 18:07:57 +02:00