Commit Graph

618 Commits (47ba7f11f23f9bd1b937036368ec95fdf70a6b5a)

Author SHA1 Message Date
Aevann a122986111 fix giphy framerate 2022-12-25 06:10:54 +02:00
Aevann 663541d0ce use 200w_d.webp for giphy 2022-12-25 03:22:17 +02:00
Aevann 366f445f2e replace giphy.gif with giphy.webp 2022-12-25 02:54:47 +02:00
Aevann 1f899c5821 add this https://stupidpol.site/post/134079/new-image-to-spam-at-transphobic/3299559 2022-12-24 20:22:49 +02:00
Aevann a63b02470d use sets with in statements 2022-12-24 00:22:41 +02:00
Aevann b82d29dfde randomize chud addendums 2022-12-23 03:55:11 +02:00
Aevann 5d6d108dd5 remove redundant domain bans 2022-12-23 00:25:31 +02:00
Aevann1 0ba5469424 increase sanitize timeout from 5 seconds to 10 seconds 2022-12-15 21:31:33 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
Aevann1 4439f03ef5 resizable videos 2022-12-10 21:12:14 +02:00
geese_suck 6a56f036cb
whitelist table class for tables in sanitizer 2022-12-09 13:04:28 -08:00
justcool393 c12bf5105f WPD: remove poll limit (#51)
by request of the wpd mops

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#51
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 18:24:41 +00:00
Snakes 9160a853ec
Remove !YOU!.
Security mess and stale joke.
2022-12-05 20:06:04 -05:00
Snakes fe5ffd1bcf
security: sanitize !YOU! in <a href="">.
Unlike the recent auto-embed exploits which have been patched, this
requires active user action. However our userbase, like all userbases,
contains quite a few retards and phoneposters who don't check links
before clicking.

Example exploit:

    <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>
2022-12-05 19:05:02 -05:00
Aevann 18df70caab allow JL3 to edit rules (#39)
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#39
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
Snakes be2b210df4
Remove superfluous #disablepoll command.
Already resolved by 29070c78a9.
2022-12-04 17:15:52 -05:00
justcool393 ed0981cbdb add functionality to disable poll formatting (#35)
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#35
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-04 21:46:27 +00:00
Aevann1 1f675c61e5 minor regex fix for emojis 2022-12-04 00:26:05 +02:00
Aevann1 9947e635ab make supportjews.webp an image instead 2022-12-03 00:32:51 +02:00
Aevann1 6248042e46 add supportjews emoji and use it in chud message 2022-12-03 00:22:18 +02:00
Aevann1 064b5878f9 add "media" tld 2022-12-02 12:38:07 +02:00
Aevann1 a641acaf8f use sets instead of lists in some statements 2022-11-26 06:52:47 +02:00
Aevann1 1ab3835a09 add .host and .art 2022-11-22 23:20:24 +02:00
Aevann1 f272989735 Revert "stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473)"
This reverts commit 88f3cd519d.
2022-11-21 19:37:38 +02:00
Aevann1 88f3cd519d
stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473)
* test

* bleg

* remove User.newtab and see if anyone complains (#471)

* fddf
2022-11-21 07:14:26 -08:00
Aevann1 2362afa622 make the youtube code in sanitize be like the youtube code in posts.py 2022-11-19 06:44:07 -06:00
Aevann1 f1288ba991 fix https://rdrama.life/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3080531?context=8#context 2022-11-15 17:29:45 +02:00
justcool393 8f2f48d6d1
[DO NOT MERGE] import detanglation (#442)
* move Base definition to files.classes.__init__.py

* fix ImportError

* move userpage listing to users.py

* don't import the app from classes

* consts: set default values to avoid crashes
consts: warn if the secret key is the default config value

* card view: sneed (user db schema)

* cloudflare: use DEFAULT_CONFIG_VALUE

* const: set default values

* decouple media.py from __main__

* pass database to avoid imports

* import cleanup and import request not in const, but in the requests mega import

* move asset_submissions site check to __init__

* asset submissions feature flag

* flag

* g.is_tor

* don't import request where it's not needed

* i think this is fine

* mail: move to own routes and helper

* wrappers

* required wrappers move

* unfuck wrappers a bit

* move snappy quotes and marseys to stateful consts

* marsify

* :pepodrool:

* fix missing import

* import cache

* ...and settings.py

* and static.py

* static needs cache

* route

* lmao all of the jinja shit was in feeds.py amazing

* classes should only import what they need from flask

* import Response

* hdjbjdhbhjf

* ...

* dfdfdfdf

* make get a non-required import

* isort imports (mostly)

* but actually

* configs

* reload config on import

* fgfgfgfg

* config

* config

* initialize snappy and test

* cookie of doom debug

* edfjnkf

* xikscdfd

* debug config

* set session cookie domain, i think this fixes the can't login bug

* sdfbgnhvfdsghbnjfbdvvfghnn

* hrsfxgf

* dump the entire config on a request

* kyskyskyskyskyskyskyskyskys

* duifhdskfjdfd

* dfdfdfdfdfdfdfdfdfdfdfdf

* dfdfdfdf

* imoprt all of the consts beacuse fuck it

* 😭

* dfdfdfdfdfdfsdasdf

* print the entire session

* rffdfdfjkfksj

* fgbhffh

* not the secret keys

* minor bug fixes

* be helpful in the warning

* gfgfgfg

* move warning lower

* isort main imports (i hope this doesn't fuck something up)

* test

* session cookie domain redux

* dfdfdfd

* try only importing Flask

* formkeys fix

* y

* :pepodrool:

* route helper

* remove before flight

* dfdfdfdfdf

* isort classes

* isort helpers

* move check_for_alts to routehelpers and also sort imports and get rid of unused ones

* that previous commit but actkally

* readd the cache in a dozen places they were implicitly imported

* use g.is_tor instead of request.headers. bla bla bla

* upgrade streamers to their own route file

* get rid of unused imports in __main__

* fgfgf

* don't pull in the entire ORM where we don't need it

* features

* explicit imports for the get helper

* explicit imports for the get helper redux

* testing allroutes

* remove unused import

* decouple flask from classes

* syntax fix also remember these have side fx for some reason (why?)

* move side effects out of the class

* posts

* testing on devrama

* settings

* reloading

* settingssdsdsds

* streamer features

* site settings

* testing settings on devrama

* import

* fix modlog

* remove debug stuff

* revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6

* archiveorg to _archiveorg

* skhudkfkjfd

* fix cron for PCM

* fix bugs that snekky wants me to

* Fix call to realbody passing db, standardize kwarg

* test

* import check_for_alts from the right place

* cloudflare

* testing on devrama

* fix cron i think

* shadow properly

* tasks

* Remove print which will surely be annoying in prod.

* v and create new session

* use files.classes

* make errors import little and fix rare 500 in /allow_nsfw

* Revert "use files.classes"

This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6.

* pass v to media functions rather than using g

* fix

* dfdfdfdfd

* cleanup, py type checking is dumb so don't use it where it causes issues

* Fix some merge bugs, add DEFAULT_RATELIMIT to main.

* Fix imports on sqlalchemy expressions.

* `from random import random` is an error.

* Fix replies db param.

* errors: fix missing import

* fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text

* Fix signup formkey.

* fix 2 500s

* propagate db to submissions

* fix replies

* dfdfdfdf

* Fix verifiedcolor.

* is_manual

* can't use getters outside of an app context

* don't attempt to do gumroad on sites where it's not enabled

* don't attempt to do gumraod on sites's where it's unnecessary

* Revert "don't attempt to do gumroad on sites where it's not enabled"

This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3.

* fix 500

* validate media type

Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 03:19:08 -06:00
justcool393 3569c06ce2 add .video 2022-11-12 05:05:08 -06:00
justcool393 26549a6e66
remove logged out routes (#433)
* remove /logged_out/ routes

* update sitemap, remove users route, and update header

* cloudflare cookie

* only mess with the cookie whenever we desire auth

* sitemap: (small) improvements
sitemap: fix little bug i introduced
sitemap: fix login redirects for /id/ routes

* sitemap: remove duplicate entry

* contact is auth desired

* imports: don't import what we don't need and bind late to the db

* praying to god this works

* keep yourself safe

* oh i actually need to commit and push lol

* import Sub

* t

* refix cache purger
2022-11-09 00:35:24 -05:00
justcool393 657c00244a sanitize, fix bug with update_flag, and update copy for low tsfriends 2022-11-06 20:06:37 -08:00
Aevann1 d76fe63c7f constantify image extensions and fix imgur .gif bug 2022-11-05 23:01:23 +02:00
Aevann1 bd779abc6e go back to the old TLD system in sanitize 2022-11-02 09:08:02 +02:00
Aevann1 cc473795bf make banned domains case insensitive 2022-10-31 16:33:11 +02:00
justcool393 b8542af64c random fix 2022-10-30 20:10:33 -05:00
justcool393 2beef9f725 repost if you if you horse 2022-10-30 20:03:46 -05:00
Aevann1 227d074da7 remove redundant "noreferrer" 2022-10-29 23:46:35 +02:00
Aevann1 06314f92b1 remove referrer from html tags 2022-10-29 23:42:30 +02:00
Aevann1 b816973f38 ignore subdomains in banned_domains logic 2022-10-28 20:12:40 +02:00
Aevann1 1a35e2ec6a refactor banned domains 2022-10-28 00:37:29 +02:00
Aevann1 c8f24eab1b fix videos 2022-10-23 10:57:13 +02:00
justcool393 578e1896fd sanitize: strip out html comments
they're unnecessary and never get rendered
2022-10-20 18:06:55 -05:00
Aevann1 3c3950adb0 change video tags 2022-10-20 22:26:43 +02:00
justcool393 cb35480ee6 sanitize: replace cuneiform ban with an overline ban 2022-10-20 09:44:32 -05:00
justcool393 b92535c286 pings bypass permission 2022-10-12 02:36:29 -07:00
justcool393 87fd8ee57a comment sanity checks and constantization
* make HTML body length a constant and use it
* abort before uploads and other tasks if comment level is too deep
* what a nightmare of two functions, please do better next time
2022-10-09 05:54:46 -07:00
official-techsupport 4e23161f11
Re-enable showmore_regex for Snappy (#389)
* Re-enable showmore_regex for Snappy

* showmore a bit more aggressively
2022-10-06 02:17:28 -04:00
Aevann1 168f18893f change wording of an error msg 2022-10-06 07:08:48 +02:00
justcool393 093ced7b20 introduce constant for post and title length 2022-10-05 16:35:44 -07:00
justcool393 88ae00deef sanitize raw bodies 2022-10-05 16:35:44 -07:00