From e163c2f5d03a4871a30b884750b8c6619f31899c Mon Sep 17 00:00:00 2001 From: Aevann Date: Thu, 23 Mar 2023 18:38:42 +0200 Subject: [PATCH] fix chud exploit --- files/helpers/sanitize.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index 20fb45fe2..9d92a1c50 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -634,7 +634,7 @@ def complies_with_chud(obj): obj.title_html = torture_ap(obj.title_html, obj.author.username) obj.body_html = torture_ap(obj.body_html, obj.author.username) - tags = soup.html.body.find_all('p', recursive=False) + tags = soup.html.body.find_all(lambda tag: tag.name == 'p' and not tag.attrs, recursive=False) for tag in tags: for text in tag.find_all(text=True, recursive=False):