master
Aevann1 2021-12-09 22:30:14 +02:00
parent 6f5e1afd0a
commit e129375fb8
5 changed files with 14 additions and 7 deletions

View File

@ -128,5 +128,4 @@ def after_request(response):
response.headers.add("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' tls-use1.fpapi.io api.fpjs.io 02ddcc80-b8db-42be-9022-44c546b4dce6.pushnotifications.pusher.com; object-src 'none';") response.headers.add("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' tls-use1.fpapi.io api.fpjs.io 02ddcc80-b8db-42be-9022-44c546b4dce6.pushnotifications.pusher.com; object-src 'none';")
return response return response
from files.routes import * from files.routes import *

View File

@ -401,7 +401,9 @@ class Comment(Base):
for o in self.options: for o in self.options:
html += f'<div class="custom-control"><input type="checkbox" class="custom-control-input" id="{o.id}" name="option"' html += f'<div class="custom-control"><input type="checkbox" class="custom-control-input" id="{o.id}" name="option"'
if o.poll_voted(v): html += " checked" if o.poll_voted(v): html += " checked"
html += f''' onchange="poll_vote('{o.id}', '{self.id}')"><label class="custom-control-label" for="{o.id}">{o.body_html}<span class="presult-{self.id}''' if v: html += f''' onchange="poll_vote('{o.id}', '{self.id}')"'''
else: html += f''' onchange="poll_vote_no_v('{o.id}', '{self.id}')"'''
html += f'''><label class="custom-control-label" for="{o.id}">{o.body_html}<span class="presult-{self.id}'''
if not self.total_poll_voted(v): html += ' d-none' if not self.total_poll_voted(v): html += ' d-none'
html += f'"> - <a href="/votes?link=t3_{o.id}"><span id="poll-{o.id}">{o.upvotes}</span> votes</a></span></label></div><pre></pre>' html += f'"> - <a href="/votes?link=t3_{o.id}"><span id="poll-{o.id}">{o.upvotes}</span> votes</a></span></label></div><pre></pre>'
return html return html

View File

@ -39,6 +39,9 @@ allowed_tags = tags = ['b',
'a', 'a',
'img', 'img',
'span', 'span',
'ruby',
'rp',
'rt',
] ]
no_images = ['b', no_images = ['b',
@ -71,6 +74,9 @@ no_images = ['b',
'marquee', 'marquee',
'a', 'a',
'span', 'span',
'ruby',
'rp',
'rt',
] ]
def sanitize_marquee(tag, name, value): def sanitize_marquee(tag, name, value):

View File

@ -761,7 +761,7 @@
{% include "expanded_image_modal.html" %} {% include "expanded_image_modal.html" %}
<script src="/assets/js/popover.js?v=10"></script> <script src="/assets/js/popover.js?v=10"></script>
<script src="/assets/js/comments.js?v=8"></script> <script src="/assets/js/comments.js?v=9"></script>
<script> <script>
{% if p and (not v or v.highlightcomments) %} {% if p and (not v or v.highlightcomments) %}

View File

@ -417,9 +417,9 @@
{% if p.domain == "twitter.com" %} {% if p.domain == "twitter.com" %}
{{p.embed_url | safe}} {{p.embed_url | safe}}
{% if v and v.theme.split("_")[0] in ["light", "coffee", "4chan"] %} {% if v and v.theme.split("_")[0] in ["light", "coffee", "4chan"] %}
<script src="/assets/js/twitterlight.js?v=4"></script> <script src="/assets/js/twitterlight.js?v=5"></script>
{% else %} {% else %}
<script src="/assets/js/twitter.js?v=4"></script> <script src="/assets/js/twitter.js?v=5"></script>
{% endif %} {% endif %}
{% elif p.domain in ['youtu.be','youtube.com'] and p.embed_url and p.embed_url.startswith('<lite-youtube') %} {% elif p.domain in ['youtu.be','youtube.com'] and p.embed_url and p.embed_url.startswith('<lite-youtube') %}
{{p.embed_url | safe}} {{p.embed_url | safe}}
@ -460,7 +460,7 @@
{% for c in p.options %} {% for c in p.options %}
<div class="custom-control"> <div class="custom-control">
<input type="checkbox" class="custom-control-input" id="{{c.id}}" name="option" {% if c.poll_voted(v) %}checked{% endif %} onchange="poll_vote('{{c.id}}')"> <input type="checkbox" class="custom-control-input" id="{{c.id}}" name="option" {% if c.poll_voted(v) %}checked{% endif %} onchange="{% if v %}poll_vote('{{c.id}}'){% else %}poll_vote_no_v(){% endif %}">
<label class="custom-control-label" for="{{c.id}}">{{c.body_html | safe}}<span class="presult {% if not p.total_poll_voted(v) %}d-none{% endif %}"> - <a href="/votes?link=t3_{{c.id}}"><span id="poll-{{c.id}}">{{c.upvotes}}</span> votes</a></span></label> <label class="custom-control-label" for="{{c.id}}">{{c.body_html | safe}}<span class="presult {% if not p.total_poll_voted(v) %}d-none{% endif %}"> - <a href="/votes?link=t3_{{c.id}}"><span id="poll-{{c.id}}">{{c.upvotes}}</span> votes</a></span></label>
</div> </div>
{% endfor %} {% endfor %}
@ -873,7 +873,7 @@
{% include "ban_modal.html" %} {% include "ban_modal.html" %}
{% endif %} {% endif %}
{% endif %} {% endif %}
<script src="/assets/js/comments.js?v=8"></script> <script src="/assets/js/comments.js?v=9"></script>
{% include "expanded_image_modal.html" %} {% include "expanded_image_modal.html" %}
{% endif %} {% endif %}