forked from MarseyWorld/MarseyWorld
fsfs
parent
535c3a75cd
commit
eb69e6fbf8
|
@ -85,8 +85,6 @@ db_session = scoped_session(sessionmaker(bind=engine, autoflush=False))
|
|||
@app.before_request
|
||||
def before_request():
|
||||
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
if request.method.lower() != "get" and app.config["READ_ONLY"]: return {"error":f"{app.config['SITE_NAME']} is currently in read-only mode."}, 500
|
||||
|
||||
if app.config["BOT_DISABLE"] and request.headers.get("X-User-Type")=="Bot": abort(503)
|
||||
|
|
|
@ -644,6 +644,8 @@ def admin_removed(v):
|
|||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_image_ban(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
|
||||
i=request.files['file']
|
||||
|
||||
|
|
|
@ -129,6 +129,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None):
|
|||
@is_not_banned
|
||||
@validate_formkey
|
||||
def api_comment(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
parent_submission = request.values.get("submission")
|
||||
parent_fullname = request.values.get("parent_fullname")
|
||||
|
@ -592,6 +593,7 @@ def api_comment(v):
|
|||
@auth_required
|
||||
@validate_formkey
|
||||
def edit_comment(cid, v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
c = get_comment(cid, v=v)
|
||||
|
||||
|
|
|
@ -588,6 +588,7 @@ def thumbs(new_post):
|
|||
@is_not_banned
|
||||
@validate_formkey
|
||||
def submit_post(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
title = request.values.get("title", "")
|
||||
url = request.values.get("url", "")
|
||||
|
|
|
@ -40,6 +40,8 @@ def removebackground(v):
|
|||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_profile_post(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
updated = False
|
||||
|
||||
if request.values.get("background", v.background) != v.background:
|
||||
|
@ -497,6 +499,7 @@ def settings_log_out_others(v):
|
|||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_images_profile(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403
|
||||
|
||||
|
@ -522,6 +525,7 @@ def settings_images_profile(v):
|
|||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_images_banner(v):
|
||||
if request.content_length > 16 * 1024 * 1024: abort(413)
|
||||
|
||||
if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403
|
||||
|
||||
|
|
Loading…
Reference in New Issue