carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
26,172 Commits
1 Branch
0 Tags
2.3 GiB
Commit Graph

810 Commits (a72c18bed759ca40b80dbe65f95a9541a376a5e5)

Author SHA1 Message Date
Aevann a42729329f fix this https://stupidpol.site/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3645817#context 2023-02-24 02:46:39 +02:00
Aevann 19482f4205 Revert "fix this https://stupidpol.site/post/149214/food-wars-ii-marseychingchong-strikes-back/3642965#context" 
This reverts commit afd6949998.
 2023-02-24 01:38:00 +02:00
Aevann afd6949998 fix this https://stupidpol.site/post/149214/food-wars-ii-marseychingchong-strikes-back/3642965#context 2023-02-22 19:38:17 +02:00
Aevann f1a3f365b5 actually disable comments in css 2023-02-18 22:00:39 +02:00
Aevann cd2d36e8ef disallow comments in css 2023-02-18 21:49:11 +02:00
Aevann 7d926e56c9 keep twitter params for search 2023-02-17 20:27:41 +02:00
Aevann 44e9085d8d add .network to supported TLDs 2023-02-17 16:57:58 +02:00
Aevann 6ec1200611 fix roulette 2023-02-08 04:34:44 +02:00
Aevann 37bc8adf1b fix chat 2023-02-08 04:14:54 +02:00
Aevann 88814ee208 expand blackjack 2023-02-07 05:31:49 +02:00
Aevann de3efef761 fix this https://stupidpol.site/post/145206/larry-feinberg-cancelled-seinfeld-ai-banned/3546391#context 2023-02-07 03:12:14 +02:00
Aevann 59ee320584 remove underscore_in_link_regex 2023-02-02 18:53:35 +02:00
official-techsupport 08571dece1 add 'blog' tld (#108) 
https://scottaaronson.blog/ is a thing, for example. We must support the thing.

Add .blog as an approved TLD.

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#108
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
 2023-02-01 23:20:08 +00:00
Aevann 4ea5dd6d54 disable numbered lists 2023-02-01 17:59:10 +02:00
Aevann 1b786f7be7 fix 500 error 2023-01-28 12:42:45 +02:00
Aevann 1e30acc5a8 make all images have loading="lazy" 2023-01-27 19:55:25 +02:00
Aevann df132627e6 fix underscores inside links 2023-01-27 11:11:13 +02:00
Aevann 83b22560eb dont use abort in chat 2023-01-27 09:07:58 +02:00
Aevann dd1dfc7b77 add .cooking to tlds 2023-01-25 17:49:14 +02:00
Aevann 2a0e288e12 remove twitter tracking 2023-01-25 15:54:58 +02:00
Aevann b31405c23d rename handle_youtube to handle_youtube_links 2023-01-25 13:17:12 +02:00
Aevann 9eab5308f3 fix youtube edge case 2023-01-25 13:16:59 +02:00
Aevann fd3f397214 add .tech tld 2023-01-24 08:30:49 +02:00
official-techsupport 123cee6372 fix an edge case in showmore (when many long paragraphs) (#93) 
$subj

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#93
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
 2023-01-24 03:56:14 +00:00
Aevann 12274b858f ban discord ids 2023-01-23 09:38:16 +02:00
Aevann d9056abfa8 add .wiki tld 2023-01-23 04:15:44 +02:00
Aevann a560958c3a fix youtube timestamps 2023-01-23 04:06:56 +02:00
official-techsupport 5902fa5822 showmore on too many newlines (works now) (#90) 
At this point I think we should stop abusing regexes to implement the showmore logic.

I also reduced the character constant to 3000/2500 and increased the line constant to 20 but I don't have any strong feelings about them.

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#90
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
 2023-01-22 23:27:24 +00:00
Aevann e8323127f9 fix this https://stupidpol.site/post/141309/marseyxdmarseywall-twitter-influencer-seethemaxxing-after-being/3453484#context 2023-01-22 11:04:09 +02:00
Aevann df803791ef exclude snappy from fishylinks_regex 2023-01-21 06:18:02 +02:00
Aevann 96eacd73df same as last commit 2023-01-21 02:40:32 +02:00
Aevann c560d1d9fe improve the "show more" button 2023-01-21 01:47:27 +02:00
Aevann daad32d0ce fix nonces in py files 2023-01-02 06:20:59 +02:00
Aevann f7874b2c4e fix show more button 2023-01-01 14:26:25 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
Aevann b0b70d2f0f better 200w behavior 2023-01-01 13:30:33 +02:00
Aevann 91b8602714 Revert "stop using 200w" 
This reverts commit cabc0d3603.
 2023-01-01 13:18:24 +02:00
Aevann cabc0d3603 stop using 200w 2023-01-01 10:10:06 +02:00
Aevann dce00a0d3f more chud images 2023-01-01 09:55:22 +02:00
Aevann 8362a4c497 js fixes 2022-12-30 21:35:23 +02:00
Aevann 3bdfa2b13f add new chud image 2022-12-30 16:59:05 +02:00
Aevann 54b49d374c minor fix 2022-12-27 07:37:21 +02:00
Aevann a122986111 fix giphy framerate 2022-12-25 06:10:54 +02:00
Aevann 663541d0ce use 200w_d.webp for giphy 2022-12-25 03:22:17 +02:00
Aevann 366f445f2e replace giphy.gif with giphy.webp 2022-12-25 02:54:47 +02:00
Aevann 1f899c5821 add this https://stupidpol.site/post/134079/new-image-to-spam-at-transphobic/3299559 2022-12-24 20:22:49 +02:00
Aevann a63b02470d use sets with in statements 2022-12-24 00:22:41 +02:00
Aevann b82d29dfde randomize chud addendums 2022-12-23 03:55:11 +02:00
Aevann 5d6d108dd5 remove redundant domain bans 2022-12-23 00:25:31 +02:00
Aevann1 0ba5469424 increase sanitize timeout from 5 seconds to 10 seconds 2022-12-15 21:31:33 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59) 
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
 2022-12-11 23:44:34 +00:00
Aevann1 4439f03ef5 resizable videos 2022-12-10 21:12:14 +02:00
geese_suck 6a56f036cb
whitelist table class for tables in sanitizer 2022-12-09 13:04:28 -08:00
justcool393 c12bf5105f WPD: remove poll limit (#51) 
by request of the wpd mops

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#51
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
 2022-12-06 18:24:41 +00:00
Snakes 9160a853ec
Remove !YOU!. 
Security mess and stale joke.
 2022-12-05 20:06:04 -05:00
Snakes fe5ffd1bcf
security: sanitize !YOU! in <a href="">. 
Unlike the recent auto-embed exploits which have been patched, this
requires active user action. However our userbase, like all userbases,
contains quite a few retards and phoneposters who don't check links
before clicking.

Example exploit:

    <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>
 2022-12-05 19:05:02 -05:00
Aevann 18df70caab allow JL3 to edit rules (#39) 
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#39
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
 2022-12-05 05:22:08 +00:00
Snakes be2b210df4
Remove superfluous #disablepoll command. 
Already resolved by 29070c78a9.
 2022-12-04 17:15:52 -05:00
justcool393 ed0981cbdb add functionality to disable poll formatting (#35) 
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#35
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
 2022-12-04 21:46:27 +00:00
Aevann1 1f675c61e5 minor regex fix for emojis 2022-12-04 00:26:05 +02:00
Aevann1 9947e635ab make supportjews.webp an image instead 2022-12-03 00:32:51 +02:00
Aevann1 6248042e46 add supportjews emoji and use it in chud message 2022-12-03 00:22:18 +02:00
Aevann1 064b5878f9 add "media" tld 2022-12-02 12:38:07 +02:00
Aevann1 a641acaf8f use sets instead of lists in some statements 2022-11-26 06:52:47 +02:00
Aevann1 1ab3835a09 add .host and .art 2022-11-22 23:20:24 +02:00
Aevann1 f272989735 Revert "stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473)" 
This reverts commit 88f3cd519d.
 2022-11-21 19:37:38 +02:00
Aevann1 88f3cd519d
stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473) 
* test

* bleg

* remove User.newtab and see if anyone complains (#471)

* fddf
 2022-11-21 07:14:26 -08:00
Aevann1 2362afa622 make the youtube code in sanitize be like the youtube code in posts.py 2022-11-19 06:44:07 -06:00
Aevann1 f1288ba991 fix https://rdrama.life/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3080531?context=8#context 2022-11-15 17:29:45 +02:00
justcool393 8f2f48d6d1
[DO NOT MERGE] import detanglation (#442) 
* move Base definition to files.classes.__init__.py

* fix ImportError

* move userpage listing to users.py

* don't import the app from classes

* consts: set default values to avoid crashes
consts: warn if the secret key is the default config value

* card view: sneed (user db schema)

* cloudflare: use DEFAULT_CONFIG_VALUE

* const: set default values

* decouple media.py from __main__

* pass database to avoid imports

* import cleanup and import request not in const, but in the requests mega import

* move asset_submissions site check to __init__

* asset submissions feature flag

* flag

* g.is_tor

* don't import request where it's not needed

* i think this is fine

* mail: move to own routes and helper

* wrappers

* required wrappers move

* unfuck wrappers a bit

* move snappy quotes and marseys to stateful consts

* marsify

* :pepodrool:

* fix missing import

* import cache

* ...and settings.py

* and static.py

* static needs cache

* route

* lmao all of the jinja shit was in feeds.py amazing

* classes should only import what they need from flask

* import Response

* hdjbjdhbhjf

* ...

* dfdfdfdf

* make get a non-required import

* isort imports (mostly)

* but actually

* configs

* reload config on import

* fgfgfgfg

* config

* config

* initialize snappy and test

* cookie of doom debug

* edfjnkf

* xikscdfd

* debug config

* set session cookie domain, i think this fixes the can't login bug

* sdfbgnhvfdsghbnjfbdvvfghnn

* hrsfxgf

* dump the entire config on a request

* kyskyskyskyskyskyskyskyskys

* duifhdskfjdfd

* dfdfdfdfdfdfdfdfdfdfdfdf

* dfdfdfdf

* imoprt all of the consts beacuse fuck it

* 😭

* dfdfdfdfdfdfsdasdf

* print the entire session

* rffdfdfjkfksj

* fgbhffh

* not the secret keys

* minor bug fixes

* be helpful in the warning

* gfgfgfg

* move warning lower

* isort main imports (i hope this doesn't fuck something up)

* test

* session cookie domain redux

* dfdfdfd

* try only importing Flask

* formkeys fix

* y

* :pepodrool:

* route helper

* remove before flight

* dfdfdfdfdf

* isort classes

* isort helpers

* move check_for_alts to routehelpers and also sort imports and get rid of unused ones

* that previous commit but actkally

* readd the cache in a dozen places they were implicitly imported

* use g.is_tor instead of request.headers. bla bla bla

* upgrade streamers to their own route file

* get rid of unused imports in __main__

* fgfgf

* don't pull in the entire ORM where we don't need it

* features

* explicit imports for the get helper

* explicit imports for the get helper redux

* testing allroutes

* remove unused import

* decouple flask from classes

* syntax fix also remember these have side fx for some reason (why?)

* move side effects out of the class

* posts

* testing on devrama

* settings

* reloading

* settingssdsdsds

* streamer features

* site settings

* testing settings on devrama

* import

* fix modlog

* remove debug stuff

* revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6

* archiveorg to _archiveorg

* skhudkfkjfd

* fix cron for PCM

* fix bugs that snekky wants me to

* Fix call to realbody passing db, standardize kwarg

* test

* import check_for_alts from the right place

* cloudflare

* testing on devrama

* fix cron i think

* shadow properly

* tasks

* Remove print which will surely be annoying in prod.

* v and create new session

* use files.classes

* make errors import little and fix rare 500 in /allow_nsfw

* Revert "use files.classes"

This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6.

* pass v to media functions rather than using g

* fix

* dfdfdfdfd

* cleanup, py type checking is dumb so don't use it where it causes issues

* Fix some merge bugs, add DEFAULT_RATELIMIT to main.

* Fix imports on sqlalchemy expressions.

* `from random import random` is an error.

* Fix replies db param.

* errors: fix missing import

* fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text

* Fix signup formkey.

* fix 2 500s

* propagate db to submissions

* fix replies

* dfdfdfdf

* Fix verifiedcolor.

* is_manual

* can't use getters outside of an app context

* don't attempt to do gumroad on sites where it's not enabled

* don't attempt to do gumraod on sites's where it's unnecessary

* Revert "don't attempt to do gumroad on sites where it's not enabled"

This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3.

* fix 500

* validate media type

Co-authored-by: TLSM <duolsm@outlook.com>
 2022-11-15 03:19:08 -06:00
justcool393 3569c06ce2 add .video 2022-11-12 05:05:08 -06:00
justcool393 26549a6e66
remove logged out routes (#433) 
* remove /logged_out/ routes

* update sitemap, remove users route, and update header

* cloudflare cookie

* only mess with the cookie whenever we desire auth

* sitemap: (small) improvements
sitemap: fix little bug i introduced
sitemap: fix login redirects for /id/ routes

* sitemap: remove duplicate entry

* contact is auth desired

* imports: don't import what we don't need and bind late to the db

* praying to god this works

* keep yourself safe

* oh i actually need to commit and push lol

* import Sub

* t

* refix cache purger
 2022-11-09 00:35:24 -05:00
justcool393 657c00244a sanitize, fix bug with update_flag, and update copy for low tsfriends 2022-11-06 20:06:37 -08:00
Aevann1 d76fe63c7f constantify image extensions and fix imgur .gif bug 2022-11-05 23:01:23 +02:00
Aevann1 bd779abc6e go back to the old TLD system in sanitize 2022-11-02 09:08:02 +02:00
Aevann1 cc473795bf make banned domains case insensitive 2022-10-31 16:33:11 +02:00
justcool393 b8542af64c random fix 2022-10-30 20:10:33 -05:00
justcool393 2beef9f725 repost if you if you horse 2022-10-30 20:03:46 -05:00
Aevann1 227d074da7 remove redundant "noreferrer" 2022-10-29 23:46:35 +02:00
Aevann1 06314f92b1 remove referrer from html tags 2022-10-29 23:42:30 +02:00
Aevann1 b816973f38 ignore subdomains in banned_domains logic 2022-10-28 20:12:40 +02:00
Aevann1 1a35e2ec6a refactor banned domains 2022-10-28 00:37:29 +02:00
Aevann1 c8f24eab1b fix videos 2022-10-23 10:57:13 +02:00
justcool393 578e1896fd sanitize: strip out html comments 
they're unnecessary and never get rendered
 2022-10-20 18:06:55 -05:00
Aevann1 3c3950adb0 change video tags 2022-10-20 22:26:43 +02:00
justcool393 cb35480ee6 sanitize: replace cuneiform ban with an overline ban 2022-10-20 09:44:32 -05:00
justcool393 b92535c286 pings bypass permission 2022-10-12 02:36:29 -07:00
justcool393 87fd8ee57a comment sanity checks and constantization 
* make HTML body length a constant and use it
* abort before uploads and other tasks if comment level is too deep
* what a nightmare of two functions, please do better next time
 2022-10-09 05:54:46 -07:00
official-techsupport 4e23161f11
Re-enable showmore_regex for Snappy (#389) 
* Re-enable showmore_regex for Snappy

* showmore a bit more aggressively
 2022-10-06 02:17:28 -04:00
Aevann1 168f18893f change wording of an error msg 2022-10-06 07:08:48 +02:00
justcool393 093ced7b20 introduce constant for post and title length 2022-10-05 16:35:44 -07:00
justcool393 88ae00deef sanitize raw bodies 2022-10-05 16:35:44 -07:00
justcool393 19b2f71c3b improve raw title sanitization and don't check the same thing like 5 times 2022-10-05 16:35:44 -07:00
justcool393 f901d5af05
show raw unicode codes instead of the actual characters 2022-10-04 15:29:00 -07:00
justcool393 4c71bd6b5c
fake colon 2022-10-04 14:33:23 -07:00
Aevann1 dee46a9306 revert an earlier change for video and audio files in sanitize() 2022-10-01 19:42:34 +02:00
Aevann1 3006da3f8f increase sanitize timeout limit from 2 seconds to 5 seconds 2022-09-29 12:34:09 +02:00
Aevann1 b9d3336a9e nitter shit 2022-09-29 07:53:37 +02:00
official-techsupport bd8b96c1f5
fix the TLD matching to exclude numbers (#371) 2022-09-24 18:06:53 -04:00
official-techsupport 0ff839d396
Accept any TLDS (#369) 2022-09-24 02:04:09 +02:00
Aevann1 bb4e21b2f0 fix utm regex 2022-09-23 15:23:11 +02:00
Aevann1 2fb4ebdcb0 minor sanitize refactor 2022-09-16 18:30:34 +02:00
Aevann1 b3d2fca506 remove kf replacing 2022-09-12 13:59:49 +02:00
Aevann1 47890d771d add Marsey Submission UI 2022-09-09 11:13:50 +02:00
Aevann1 0f232b264c refactor torture_ap 2022-09-05 22:05:04 +02:00
Aevann1 959e08bb83 make marsify not count towards /marseys 2022-09-05 10:49:34 +02:00
Aevann1 0271d4488f do this https://rdrama.org/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2658067?context=8#context 2022-09-05 03:43:07 +02:00
Aevann1 0c32d56cd6 casino + style shit 2022-09-05 01:15:37 +02:00
Aevann1 a0579b40e0 restore metadata for audio 2022-09-03 05:39:35 +02:00
Aevann1 28dbe0d6ab fix WPD slowness 2022-09-03 05:34:06 +02:00
Aevann1 083371f20f keep_blank_values 2022-09-01 22:46:57 +02:00
Aevann1 523bfd93c5 show first frame of video 2022-09-01 22:43:11 +02:00
official-techsupport a9eeb29b9b
fix showmore quadratic behavior (#343) 2022-08-30 23:19:53 +02:00
Aevann1 2dcd1288d7 Revert "adjust audio and video embedding" 
This reverts commit e9d98e158c.
 2022-08-26 20:15:26 +02:00
Aevann1 0b786477fc support all existing TLDs 2022-08-25 17:04:25 +02:00
Aevann1 75ad5b34f2 fix youtube embedding 2022-08-25 00:02:06 +02:00
Aevann1 3c9145ee60 add .world tld 2022-08-23 00:13:32 +02:00
Aevann1 fbbd6f9be8 fix prev commit 2022-08-21 19:22:18 +02:00
Aevann1 663904fb3d steal the parts I wanted from spidey's PR 2022-08-21 19:20:09 +02:00
Aevann1 fb2437574f change ping_limit to be 3 for comments, and 50 for posts 2022-08-21 17:05:32 +02:00
Aevann1 0e0f414cc9 add .farm TLD 2022-08-21 15:29:35 +02:00
Aevann1 7084e71c57 fix pinging 2022-08-20 23:39:01 +02:00
Aevann1 e9d98e158c adjust audio and video embedding 2022-08-20 22:32:28 +02:00
Aevann1 d8c6b575de fix pinging 2022-08-19 15:10:39 +02:00
Aevann1 5234c8ef21 remove weird spaes 2022-08-17 22:30:07 +02:00
Aevann1 0715ab3e64 fix multipinging (hopefully this doesnt break other shit) 2022-08-17 21:41:09 +02:00
Aevann1 0cae055403 remove weird spaces annoying me 2022-08-17 21:25:57 +02:00
Aevann1 b9453bac03 replace "https://imgur.com/" with "https://i.imgur.com/" for the sake of mobilecels 2022-08-13 07:06:53 +02:00
Snakes 55c1ad859e
Disable showmore logic on posts. 2022-08-10 17:34:15 -04:00
Snakes 8b241a765a
Check URI approved embed in all CSS contexts. 2022-08-05 13:09:41 -04:00
Aevann1 981692550f fix ping limiting being applies on all instances of "sanitize()" 2022-08-05 17:14:22 +02:00
Aevann1 d069550284 fix issue with showmore button breaking divs 2022-08-04 21:31:13 +02:00
Aevann1 347604c433 make non-jannies unable to ping more than 3 ppl 2022-07-29 15:23:34 +02:00
Snakes d06ea7d349 LGB: disable markup commands. 2022-07-19 21:20:52 -04:00
Aevann1 636e5e1254 fix camas.unddit.com 2022-07-15 15:27:45 +02:00
Aevann1 8da96d40f7 replace search.marsey.cat with camas.unddit.com 2022-07-15 15:00:51 +02:00
Aevann1 e3d2d24d94 fix this https://chapotraphouse.club/post/85005/chadblack2-soymad-soycry-soymad-black-man/2294928?context=8#context 2022-07-13 18:48:53 +02:00
Aevann1 dcc63c7834 add more image validation (to fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2298173?context=8#context) 2022-07-12 22:30:00 +02:00
Aevann1 fb73fa0612 add target="_blank" to all external urls 2022-07-12 22:29:27 +02:00
Aevann1 b5d9db86d1 refactor comment commands 2022-07-11 14:14:18 +02:00
Aevann1 1549508e49 make :marseyunpettable: unpettable 2022-07-08 17:39:54 +02:00
Snakes b66bfdcab9 sanitize.with_sigalrm_timeout: functools.wrap fix. 2022-07-06 05:01:48 -04:00
official-techsupport 548030fcf1 fix exceptions in sanitize leaving SIGALRM on 2022-07-06 04:46:00 -04:00
Aevann1 1115c1a574 fix reddit domain replacement 2022-07-04 05:08:33 +02:00
Aevann1 c0c5057ab9 make reddit_domain_regex work with user profiles too 2022-07-04 03:12:28 +02:00
Aevann1 076fad1108 fix 403 errors on unrelated text 2022-07-03 05:42:15 +02:00
Aevann1 3bfe9e984b don't allow URLs with '\\' in them 2022-07-03 04:03:40 +02:00
Aevann1 bce4c13043 kitchen sink commit, all over the place 2022-07-02 12:44:05 +02:00
Aevann1 6ec0d25034 strip sanitized text 2022-07-02 12:12:52 +02:00
Aevann1 77c1f96383 remove empty anchor tags 2022-07-02 02:54:59 +02:00
Aevann1 28786342dc fix snappy archiving images 2022-07-02 02:25:58 +02:00
Aevann1 cba02b9e4b fix issue with code blocks 2022-07-01 01:01:10 +02:00
Aevann1 aa53296d07 Revert "remove "filter" from allowed styles" 
This reverts commit 14d929623e.
 2022-07-01 00:18:05 +02:00
Aevann1 14d929623e remove "filter" from allowed styles 2022-07-01 00:03:32 +02:00
Aevann1 790a814b36 make "show more" button look nicer 2022-06-29 04:35:52 +02:00
Aevann1 e7460874e9 double the timeout duration for sanitize() 2022-06-29 03:39:33 +02:00
Aevann1 b6a5d010ca add "show more..." button 2022-06-29 02:55:44 +02:00
Aevann1 3ed41a0835 remove insane number of line breaks in rendered HTML 2022-06-29 01:53:41 +02:00
Aevann1 b873492dd0 fix strikethrough, v2 2022-06-28 07:52:29 +02:00
Aevann1 50121f6960 fixed strikethrough 2022-06-28 07:41:21 +02:00
Aevann1 46c9c719d0 fixed 500 error 2022-06-27 04:22:12 +02:00
Aevann1 b5d993569f embed rework 2022-06-27 03:00:45 +02:00
Snakes aaf718c78c Fix timeout in sanitize from link_fix_regex. 
h/t to @official-techsupport for finding and help fixing this bug.
When given certain pathological input, `sanitize` would time out
(notably only on posts, rather than comments, perhaps due to the
longer maximum length of input). For example, using as input the
result of:

    with open("test.txt", "w") as f:
        for i in range(26):
            f.write(f":{chr(ord('a') + i)}: ")
        f.write('x' * 20_000)

We believe this to be because of some combination of the greedy
quantifiers and the negative lookahead before the match. The regex
was rewritten to (in theory) have much more linear performance.
 2022-06-25 01:28:43 -04:00
Aevann1 2c1d1aceff fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2178607?context=8#context 2022-06-23 21:43:49 +02:00
Aevann1 39cf7fc48b refactor normalizing urls at runtime (I put the function in comment.py cuz there were weird import errors that i didnt wanna fix) 2022-06-23 17:47:57 +02:00
Aevann1 e42227ab67 add glowie marseys 2022-06-23 02:34:37 +02:00
Aevann1 0e1177843e remove the need for alert flag on sanitize() 2022-06-23 00:12:47 +02:00
Snakes 26273d0997 Revert "delete empty <a> tags to prevent exploits" 
This reverts commit 5f78b4e365.

This commit is breaking @-mentions in a great many contexts and
I'm not quite sure how to fix it right now.
 2022-06-22 18:00:23 -04:00
Aevann1 5f78b4e365 delete empty <a> tags to prevent exploits 2022-06-22 23:12:02 +02:00
Aevann1 20585ca543 add a shortened endpoint for static images and rename loading.webp to l.webp (to save bytes) 2022-06-22 17:51:19 +02:00
Snakes 4166b2d2f0 Content: chadsoy x2, more neo-gTLDs. 2022-06-21 01:03:33 -04:00
Snakes dee8eb5154 Replace loading.webp with new marseyloading. 2022-06-19 22:15:33 -04:00
Aevann1 7c5e8c04b0 add .dev tld 2022-06-19 22:32:12 +02:00
Aevann1 3eb788103c allow only ascii characters in links (https://rdrama.net/comment/2150032) 2022-06-19 19:25:55 +02:00
Aevann1 5ddde69ac9 greentext fix 2022-06-19 17:22:06 +02:00
Aevann1 45b1b61760 added greentext 2022-06-19 17:05:50 +02:00
Snakes e5193cbd46 Fix mention sanitize when `g.v` not present. 
This bug was discovered when lottery.check_if_end_lottery_task was
failing due to a stack trace thru end_lottery session < badge_grant
< send_repeatable_notifications < sanitize L208. In particular, when
`flask cron` (helpers/cron.py) executes, it does not set g.v, whereas
this code previously assumed that g.v : (None + User) and did not
check for its presence.
 2022-06-18 21:22:04 -04:00
Aevann1 453d83856e add .press tld 2022-06-18 18:07:57 +02:00
Aevann1 ccdabcba29 allow uploading of all types of files (using lain.la) 
+ allow multiple file upload in bios and messaging admins
 2022-06-18 17:53:34 +02:00
Aevann1 c01d53aa0d make mentioning case-insensitive again 2022-06-18 00:03:23 +02:00
Aevann1 fae0bee0d9 Refactored mention sanitization (stolen commit from themotte) 2022-06-17 22:37:27 +02:00
Aevann1 35875d69f6 stop replacing "nitter.net" with "twitter.com" (to fix this shit https://chapotraphouse.club/post/77517/xueen-ezra-is-taunting-the-pigs/2132884?context=8#context) 2022-06-16 18:46:32 +02:00
Snakes c61375288f Content: add TLD to sanitize. 2022-06-14 03:48:02 -04:00
Aevann1 d8fff0bc72 Revert "Fix giant patting hand UI bug." 
This reverts commit 7915eb8390.
 2022-06-13 20:31:28 +02:00
Aevann1 07f2c0d2ca make marsey counter work everywhere (not just comments) 2022-06-13 20:05:24 +02:00
Snakes 7915eb8390 Fix giant patting hand UI bug. 
Despite being very fun, this fixes the recently discovered bug where
placing '#' or '!' within the 'pat:' suffix of a patted emoji causes
the enclosing <span> to not be given the proper CSS `display` or
`position`, leading to the hand being sized relative to the comment
bounding box rather than the emoji box.

This should be backward compatible. The only posts it wont fix are
existing ones with the giant hands. Main example being:
https://rdrama.net/h/slackernews/post/76302/
 2022-06-12 02:22:38 -04:00
Snakes f76b94b58d Content: keywords updates. 2022-06-11 22:08:48 -04:00
Aevann1 831344b723 small image embed improvements 2022-06-11 14:21:59 +02:00
Aevann1 a082105ab8 remove weird trailing tabs 2022-06-11 11:56:16 +02:00
Aevann1 654ddc4157 re-refactor normalize_url 2022-06-10 22:02:15 +02:00
Aevann1 6800d33019 replace streamable links with full-size version 2022-06-10 16:35:09 +02:00
Aevann1 dcf5207e83 all 'app' tld (for discussions.app) 2022-06-10 16:04:49 +02:00
Snakes 5fb358a32a Add more TLDs to sanitize. 2022-06-03 17:01:32 -04:00
Snakes 2008c09136 Add 'filter' to allowed_styles. 2022-06-02 06:14:20 -04:00
Snakes cf46b8b3fe Refactor e81edb711d for modularity. 2022-05-30 00:30:10 -04:00
Aevann1 e81edb711d fixed this https://rdrama.net/post/72013/-/2010109?context=8#context 2022-05-30 06:12:51 +02:00
Aevann1 6b6e2e8253 sfd 2022-05-27 20:28:54 +02:00
Aevann1 386db76c10 crgd is a king 2022-05-25 20:29:22 +02:00
Aevann1 de176280c8 e 2022-05-25 17:42:30 +02:00
Snakes 1c7458e111 Sanitize: modularize normalize_url, fix streamable. 
Originally prompted by https://rdrama.net/post/18459/-/1984609 which
noticed that streamable.com/e/ links as posts would have another e/
added to them. This was in spite of logic in posts.py api_is_repost
and submit_post designed to specifically counteract this.
Proximal cause was a copypasta'd url.replace(...) chain which
caused the mistake before the streamable-specific logic had a chance
to avoid making it.

Solution: remove the streamable replacement from the chained statement
and create `helpers.normalize_url(url)` to get rid of the copypasta.
 2022-05-25 04:43:16 -04:00