forked from MarseyWorld/MarseyWorld
Merge branch 'master' into mistletoe
commit
e49f0176cd
|
@ -134,11 +134,10 @@ def teardown_request(error):
|
|||
|
||||
@app.after_request
|
||||
def after_request(response):
|
||||
if session.get("favorite_emojis"): del session["favorite_emojis"]
|
||||
|
||||
response.headers.add("Strict-Transport-Security", "max-age=31536000")
|
||||
response.headers.add("X-Frame-Options", "deny")
|
||||
response.headers.add("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com; connect-src 'self' tls-use1.fpapi.io api.fpjs.io 02ddcc80-b8db-42be-9022-44c546b4dce6.pushnotifications.pusher.com; object-src 'none';")
|
||||
return response
|
||||
|
||||
|
||||
from files.routes import *
|
|
@ -157,7 +157,10 @@ def api_comment(v):
|
|||
else: top_comment_id = parent.top_comment_id
|
||||
else: abort(400)
|
||||
|
||||
body = request.values.get("body", "").strip()[:10000]
|
||||
body = request.values.get("body", "").strip()[:10000].replace(' ','\n')
|
||||
for i in re.finditer('(^|\n)(?!.*http)(.*)', body):
|
||||
body = body.replace(i.group(2), i.group(2).upper())
|
||||
body = body.replace('\n\n','%&$').replace('\n',' ').replace('%&$','\n\n')
|
||||
|
||||
if v.marseyawarded:
|
||||
if time.time() > v.marseyawarded:
|
||||
|
@ -192,7 +195,7 @@ def api_comment(v):
|
|||
file=request.files["file"]
|
||||
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -615,7 +618,11 @@ def edit_comment(cid, v):
|
|||
|
||||
if c.is_banned or c.deleted_utc > 0: abort(403)
|
||||
|
||||
body = request.values.get("body", "").strip()[:10000]
|
||||
body = request.values.get("body", "").strip()[:10000].replace(' ','\n')
|
||||
for i in re.finditer('(^|\n)(?!.*http)(.*)', body):
|
||||
body = body.replace(i.group(2), i.group(2).upper())
|
||||
body = body.replace('\n\n','%&$').replace('\n',' ').replace('%&$','\n\n')
|
||||
|
||||
if len(body) < 1: return {"error":"You have to actually type something!"}, 400
|
||||
|
||||
if body != c.body and body != "":
|
||||
|
@ -721,7 +728,7 @@ def edit_comment(cid, v):
|
|||
file=request.files["file"]
|
||||
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
|
|
@ -335,8 +335,12 @@ def edit_post(pid, v):
|
|||
|
||||
if p.author_id != v.id and not (v.admin_level > 1 and v.admin_level > 2): abort(403)
|
||||
|
||||
title = request.values.get("title", "").strip()
|
||||
body = request.values.get("body", "").strip()
|
||||
title = request.values.get("title", "").strip().upper()
|
||||
|
||||
body = request.values.get("body", "").strip().replace(' ','\n')
|
||||
for i in re.finditer('(^|\n)(?!.*http)(.*)', body):
|
||||
body = body.replace(i.group(2), i.group(2).upper())
|
||||
body = body.replace('\n\n','%&$').replace('\n',' ').replace('%&$','\n\n')
|
||||
|
||||
if len(body) > 10000: return {"error":"Character limit is 10000!"}, 403
|
||||
|
||||
|
@ -377,7 +381,7 @@ def edit_post(pid, v):
|
|||
file=request.files["file"]
|
||||
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -646,7 +650,7 @@ def thumbnail_thread(pid):
|
|||
db.close()
|
||||
return
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
|
||||
with open(name, "wb") as file:
|
||||
for chunk in image_req.iter_content(1024):
|
||||
|
@ -669,7 +673,8 @@ def submit_post(v):
|
|||
if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413
|
||||
elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413
|
||||
|
||||
title = request.values.get("title", "").strip()[:500]
|
||||
title = request.values.get("title", "").strip()[:500].upper()
|
||||
|
||||
url = request.values.get("url", "").strip()
|
||||
|
||||
if v.agendaposter and not v.marseyawarded:
|
||||
|
@ -678,7 +683,10 @@ def submit_post(v):
|
|||
title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ')
|
||||
|
||||
title_html = filter_emojis_only(title)
|
||||
body = request.values.get("body", "").strip()
|
||||
body = request.values.get("body", "").strip().replace(' ','\n')
|
||||
for i in re.finditer('(^|\n)(?!.*http)(.*)', body):
|
||||
body = body.replace(i.group(2), i.group(2).upper())
|
||||
body = body.replace('\n\n','%&$').replace('\n',' ').replace('%&$','\n\n')
|
||||
|
||||
if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 40
|
||||
|
||||
|
@ -864,7 +872,7 @@ def submit_post(v):
|
|||
file=request.files["file2"]
|
||||
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -952,7 +960,7 @@ def submit_post(v):
|
|||
), 403
|
||||
|
||||
if file.content_type.startswith('image/'):
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
new_post.url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
|
|
@ -124,7 +124,7 @@ def settings_profile_post(v):
|
|||
if request.headers.get("Authorization"): return {"error": f"Image files only"}, 400
|
||||
else: return render_template("settings_profile.html", v=v, error=f"Image files only."), 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -314,7 +314,7 @@ def settings_profile_post(v):
|
|||
if request.headers.get("Authorization"): return {"error": f"Image files only"}, 400
|
||||
else: return render_template("settings_profile.html", v=v, error=f"Image files only."), 400
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
url = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -720,7 +720,7 @@ def settings_images_profile(v):
|
|||
|
||||
file = request.files["profile"]
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
highres = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
@ -756,7 +756,7 @@ def settings_images_banner(v):
|
|||
|
||||
file = request.files["banner"]
|
||||
|
||||
name = f'/images/{time.time()}'.replace('.','') + '.webp'
|
||||
name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp'
|
||||
file.save(name)
|
||||
bannerurl = request.host_url[:-1] + process_image(name)
|
||||
|
||||
|
|
|
@ -817,7 +817,18 @@ def user_profile_uid(id):
|
|||
try: id = int(id, 36)
|
||||
except: abort(404)
|
||||
x=get_account(id)
|
||||
return redirect(x.profile_url)
|
||||
|
||||
purl = x.profile_url
|
||||
if not 'images/' in purl: return redirect(purl)
|
||||
|
||||
path = purl.split('images/')[1]
|
||||
resp = make_response(send_from_directory('/images', path))
|
||||
resp.headers.remove("Cache-Control")
|
||||
resp.headers.add("Cache-Control", "public, max-age=2628000")
|
||||
if request.path.endswith('.webp'):
|
||||
resp.headers.remove("Content-Type")
|
||||
resp.headers.add("Content-Type", "image/webp")
|
||||
return resp
|
||||
|
||||
@app.get("/@<username>/pic")
|
||||
@limiter.exempt
|
||||
|
|
|
@ -13,11 +13,11 @@
|
|||
|
||||
{% if v %}
|
||||
<style>:root{--primary:#{{v.themecolor}}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=125">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
|
||||
{% else %}
|
||||
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
{% endif %}
|
||||
|
||||
</head>
|
||||
|
|
|
@ -6,11 +6,11 @@
|
|||
{% block content %}
|
||||
{% if v %}
|
||||
<style>:root{--primary:#{{v.themecolor}}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=125">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
|
||||
{% else %}
|
||||
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
{% endif %}
|
||||
|
||||
<div class="row justify-content-around">
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
<title>2-Step Login - {{'SITE_NAME' | app_config}}</title>
|
||||
|
||||
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
|
||||
</head>
|
||||
|
||||
|
|
|
@ -36,10 +36,10 @@
|
|||
|
||||
{% if v %}
|
||||
<style>:root{--primary:#{{v.themecolor}}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
|
||||
{% else %}
|
||||
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
{% endif %}
|
||||
|
||||
<link href="/assets/css/fa.css?v=55" rel="stylesheet">
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}</title>
|
||||
|
||||
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=142"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
<link rel="stylesheet" href="/assets/css/main.css?v=145"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
|
||||
|
||||
</head>
|
||||
|
||||
|
|
Loading…
Reference in New Issue