Commit Graph

748 Commits (f5a97ae709421aed9963f0678e06e60b8f4c7a03)

Author SHA1 Message Date
official-techsupport 08571dece1 add 'blog' tld (#108)
https://scottaaronson.blog/ is a thing, for example. We must support the thing.

Add .blog as an approved TLD.

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#108
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
2023-02-01 23:20:08 +00:00
Aevann 4ea5dd6d54 disable numbered lists 2023-02-01 17:59:10 +02:00
Aevann 1b786f7be7 fix 500 error 2023-01-28 12:42:45 +02:00
Aevann 1e30acc5a8 make all images have loading="lazy" 2023-01-27 19:55:25 +02:00
Aevann df132627e6 fix underscores inside links 2023-01-27 11:11:13 +02:00
Aevann 83b22560eb dont use abort in chat 2023-01-27 09:07:58 +02:00
Aevann dd1dfc7b77 add .cooking to tlds 2023-01-25 17:49:14 +02:00
Aevann 2a0e288e12 remove twitter tracking 2023-01-25 15:54:58 +02:00
Aevann b31405c23d rename handle_youtube to handle_youtube_links 2023-01-25 13:17:12 +02:00
Aevann 9eab5308f3 fix youtube edge case 2023-01-25 13:16:59 +02:00
Aevann fd3f397214 add .tech tld 2023-01-24 08:30:49 +02:00
official-techsupport 123cee6372 fix an edge case in showmore (when many long paragraphs) (#93)
$subj

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#93
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
2023-01-24 03:56:14 +00:00
Aevann 12274b858f ban discord ids 2023-01-23 09:38:16 +02:00
Aevann d9056abfa8 add .wiki tld 2023-01-23 04:15:44 +02:00
Aevann a560958c3a fix youtube timestamps 2023-01-23 04:06:56 +02:00
official-techsupport 5902fa5822 showmore on too many newlines (works now) (#90)
At this point I think we should stop abusing regexes to implement the showmore logic.

I also reduced the character constant to 3000/2500 and increased the line constant to 20 but I don't have any strong feelings about them.

Co-authored-by: official-techsupport <official_techsupport@protonmail.com>
Reviewed-on: rDrama/rDrama#90
Co-authored-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
Co-committed-by: official-techsupport <official-techsupport@noreply.fsdfsd.net>
2023-01-22 23:27:24 +00:00
Aevann e8323127f9 fix this https://stupidpol.site/post/141309/marseyxdmarseywall-twitter-influencer-seethemaxxing-after-being/3453484#context 2023-01-22 11:04:09 +02:00
Aevann df803791ef exclude snappy from fishylinks_regex 2023-01-21 06:18:02 +02:00
Aevann 96eacd73df same as last commit 2023-01-21 02:40:32 +02:00
Aevann c560d1d9fe improve the "show more" button 2023-01-21 01:47:27 +02:00
Aevann daad32d0ce fix nonces in py files 2023-01-02 06:20:59 +02:00
Aevann f7874b2c4e fix show more button 2023-01-01 14:26:25 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
Aevann b0b70d2f0f better 200w behavior 2023-01-01 13:30:33 +02:00
Aevann 91b8602714 Revert "stop using 200w"
This reverts commit cabc0d3603.
2023-01-01 13:18:24 +02:00
Aevann cabc0d3603 stop using 200w 2023-01-01 10:10:06 +02:00
Aevann dce00a0d3f more chud images 2023-01-01 09:55:22 +02:00
Aevann 8362a4c497 js fixes 2022-12-30 21:35:23 +02:00
Aevann 3bdfa2b13f add new chud image 2022-12-30 16:59:05 +02:00
Aevann 54b49d374c minor fix 2022-12-27 07:37:21 +02:00
Aevann a122986111 fix giphy framerate 2022-12-25 06:10:54 +02:00
Aevann 663541d0ce use 200w_d.webp for giphy 2022-12-25 03:22:17 +02:00
Aevann 366f445f2e replace giphy.gif with giphy.webp 2022-12-25 02:54:47 +02:00
Aevann 1f899c5821 add this https://stupidpol.site/post/134079/new-image-to-spam-at-transphobic/3299559 2022-12-24 20:22:49 +02:00
Aevann a63b02470d use sets with in statements 2022-12-24 00:22:41 +02:00
Aevann b82d29dfde randomize chud addendums 2022-12-23 03:55:11 +02:00
Aevann 5d6d108dd5 remove redundant domain bans 2022-12-23 00:25:31 +02:00
Aevann1 0ba5469424 increase sanitize timeout from 5 seconds to 10 seconds 2022-12-15 21:31:33 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
Aevann1 4439f03ef5 resizable videos 2022-12-10 21:12:14 +02:00
geese_suck 6a56f036cb
whitelist table class for tables in sanitizer 2022-12-09 13:04:28 -08:00
justcool393 c12bf5105f WPD: remove poll limit (#51)
by request of the wpd mops

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#51
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 18:24:41 +00:00
Snakes 9160a853ec
Remove !YOU!.
Security mess and stale joke.
2022-12-05 20:06:04 -05:00
Snakes fe5ffd1bcf
security: sanitize !YOU! in <a href="">.
Unlike the recent auto-embed exploits which have been patched, this
requires active user action. However our userbase, like all userbases,
contains quite a few retards and phoneposters who don't check links
before clicking.

Example exploit:

    <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>
2022-12-05 19:05:02 -05:00
Aevann 18df70caab allow JL3 to edit rules (#39)
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#39
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
Snakes be2b210df4
Remove superfluous #disablepoll command.
Already resolved by 29070c78a9.
2022-12-04 17:15:52 -05:00
justcool393 ed0981cbdb add functionality to disable poll formatting (#35)
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#35
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-04 21:46:27 +00:00
Aevann1 1f675c61e5 minor regex fix for emojis 2022-12-04 00:26:05 +02:00
Aevann1 9947e635ab make supportjews.webp an image instead 2022-12-03 00:32:51 +02:00
Aevann1 6248042e46 add supportjews emoji and use it in chud message 2022-12-03 00:22:18 +02:00
Aevann1 064b5878f9 add "media" tld 2022-12-02 12:38:07 +02:00
Aevann1 a641acaf8f use sets instead of lists in some statements 2022-11-26 06:52:47 +02:00
Aevann1 1ab3835a09 add .host and .art 2022-11-22 23:20:24 +02:00
Aevann1 f272989735 Revert "stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473)"
This reverts commit 88f3cd519d.
2022-11-21 19:37:38 +02:00
Aevann1 88f3cd519d
stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH (#473)
* test

* bleg

* remove User.newtab and see if anyone complains (#471)

* fddf
2022-11-21 07:14:26 -08:00
Aevann1 2362afa622 make the youtube code in sanitize be like the youtube code in posts.py 2022-11-19 06:44:07 -06:00
Aevann1 f1288ba991 fix https://rdrama.life/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3080531?context=8#context 2022-11-15 17:29:45 +02:00
justcool393 8f2f48d6d1
[DO NOT MERGE] import detanglation (#442)
* move Base definition to files.classes.__init__.py

* fix ImportError

* move userpage listing to users.py

* don't import the app from classes

* consts: set default values to avoid crashes
consts: warn if the secret key is the default config value

* card view: sneed (user db schema)

* cloudflare: use DEFAULT_CONFIG_VALUE

* const: set default values

* decouple media.py from __main__

* pass database to avoid imports

* import cleanup and import request not in const, but in the requests mega import

* move asset_submissions site check to __init__

* asset submissions feature flag

* flag

* g.is_tor

* don't import request where it's not needed

* i think this is fine

* mail: move to own routes and helper

* wrappers

* required wrappers move

* unfuck wrappers a bit

* move snappy quotes and marseys to stateful consts

* marsify

* :pepodrool:

* fix missing import

* import cache

* ...and settings.py

* and static.py

* static needs cache

* route

* lmao all of the jinja shit was in feeds.py amazing

* classes should only import what they need from flask

* import Response

* hdjbjdhbhjf

* ...

* dfdfdfdf

* make get a non-required import

* isort imports (mostly)

* but actually

* configs

* reload config on import

* fgfgfgfg

* config

* config

* initialize snappy and test

* cookie of doom debug

* edfjnkf

* xikscdfd

* debug config

* set session cookie domain, i think this fixes the can't login bug

* sdfbgnhvfdsghbnjfbdvvfghnn

* hrsfxgf

* dump the entire config on a request

* kyskyskyskyskyskyskyskyskys

* duifhdskfjdfd

* dfdfdfdfdfdfdfdfdfdfdfdf

* dfdfdfdf

* imoprt all of the consts beacuse fuck it

* 😭

* dfdfdfdfdfdfsdasdf

* print the entire session

* rffdfdfjkfksj

* fgbhffh

* not the secret keys

* minor bug fixes

* be helpful in the warning

* gfgfgfg

* move warning lower

* isort main imports (i hope this doesn't fuck something up)

* test

* session cookie domain redux

* dfdfdfd

* try only importing Flask

* formkeys fix

* y

* :pepodrool:

* route helper

* remove before flight

* dfdfdfdfdf

* isort classes

* isort helpers

* move check_for_alts to routehelpers and also sort imports and get rid of unused ones

* that previous commit but actkally

* readd the cache in a dozen places they were implicitly imported

* use g.is_tor instead of request.headers. bla bla bla

* upgrade streamers to their own route file

* get rid of unused imports in __main__

* fgfgf

* don't pull in the entire ORM where we don't need it

* features

* explicit imports for the get helper

* explicit imports for the get helper redux

* testing allroutes

* remove unused import

* decouple flask from classes

* syntax fix also remember these have side fx for some reason (why?)

* move side effects out of the class

* posts

* testing on devrama

* settings

* reloading

* settingssdsdsds

* streamer features

* site settings

* testing settings on devrama

* import

* fix modlog

* remove debug stuff

* revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6

* archiveorg to _archiveorg

* skhudkfkjfd

* fix cron for PCM

* fix bugs that snekky wants me to

* Fix call to realbody passing db, standardize kwarg

* test

* import check_for_alts from the right place

* cloudflare

* testing on devrama

* fix cron i think

* shadow properly

* tasks

* Remove print which will surely be annoying in prod.

* v and create new session

* use files.classes

* make errors import little and fix rare 500 in /allow_nsfw

* Revert "use files.classes"

This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6.

* pass v to media functions rather than using g

* fix

* dfdfdfdfd

* cleanup, py type checking is dumb so don't use it where it causes issues

* Fix some merge bugs, add DEFAULT_RATELIMIT to main.

* Fix imports on sqlalchemy expressions.

* `from random import random` is an error.

* Fix replies db param.

* errors: fix missing import

* fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text

* Fix signup formkey.

* fix 2 500s

* propagate db to submissions

* fix replies

* dfdfdfdf

* Fix verifiedcolor.

* is_manual

* can't use getters outside of an app context

* don't attempt to do gumroad on sites where it's not enabled

* don't attempt to do gumraod on sites's where it's unnecessary

* Revert "don't attempt to do gumroad on sites where it's not enabled"

This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3.

* fix 500

* validate media type

Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 03:19:08 -06:00
justcool393 3569c06ce2 add .video 2022-11-12 05:05:08 -06:00
justcool393 26549a6e66
remove logged out routes (#433)
* remove /logged_out/ routes

* update sitemap, remove users route, and update header

* cloudflare cookie

* only mess with the cookie whenever we desire auth

* sitemap: (small) improvements
sitemap: fix little bug i introduced
sitemap: fix login redirects for /id/ routes

* sitemap: remove duplicate entry

* contact is auth desired

* imports: don't import what we don't need and bind late to the db

* praying to god this works

* keep yourself safe

* oh i actually need to commit and push lol

* import Sub

* t

* refix cache purger
2022-11-09 00:35:24 -05:00
justcool393 657c00244a sanitize, fix bug with update_flag, and update copy for low tsfriends 2022-11-06 20:06:37 -08:00
Aevann1 d76fe63c7f constantify image extensions and fix imgur .gif bug 2022-11-05 23:01:23 +02:00
Aevann1 bd779abc6e go back to the old TLD system in sanitize 2022-11-02 09:08:02 +02:00
Aevann1 cc473795bf make banned domains case insensitive 2022-10-31 16:33:11 +02:00
justcool393 b8542af64c random fix 2022-10-30 20:10:33 -05:00
justcool393 2beef9f725 repost if you if you horse 2022-10-30 20:03:46 -05:00
Aevann1 227d074da7 remove redundant "noreferrer" 2022-10-29 23:46:35 +02:00
Aevann1 06314f92b1 remove referrer from html tags 2022-10-29 23:42:30 +02:00
Aevann1 b816973f38 ignore subdomains in banned_domains logic 2022-10-28 20:12:40 +02:00
Aevann1 1a35e2ec6a refactor banned domains 2022-10-28 00:37:29 +02:00
Aevann1 c8f24eab1b fix videos 2022-10-23 10:57:13 +02:00
justcool393 578e1896fd sanitize: strip out html comments
they're unnecessary and never get rendered
2022-10-20 18:06:55 -05:00
Aevann1 3c3950adb0 change video tags 2022-10-20 22:26:43 +02:00
justcool393 cb35480ee6 sanitize: replace cuneiform ban with an overline ban 2022-10-20 09:44:32 -05:00
justcool393 b92535c286 pings bypass permission 2022-10-12 02:36:29 -07:00
justcool393 87fd8ee57a comment sanity checks and constantization
* make HTML body length a constant and use it
* abort before uploads and other tasks if comment level is too deep
* what a nightmare of two functions, please do better next time
2022-10-09 05:54:46 -07:00
official-techsupport 4e23161f11
Re-enable showmore_regex for Snappy (#389)
* Re-enable showmore_regex for Snappy

* showmore a bit more aggressively
2022-10-06 02:17:28 -04:00
Aevann1 168f18893f change wording of an error msg 2022-10-06 07:08:48 +02:00
justcool393 093ced7b20 introduce constant for post and title length 2022-10-05 16:35:44 -07:00
justcool393 88ae00deef sanitize raw bodies 2022-10-05 16:35:44 -07:00
justcool393 19b2f71c3b improve raw title sanitization and don't check the same thing like 5 times 2022-10-05 16:35:44 -07:00
justcool393 f901d5af05
show raw unicode codes instead of the actual characters 2022-10-04 15:29:00 -07:00
justcool393 4c71bd6b5c
fake colon 2022-10-04 14:33:23 -07:00
Aevann1 dee46a9306 revert an earlier change for video and audio files in sanitize() 2022-10-01 19:42:34 +02:00
Aevann1 3006da3f8f increase sanitize timeout limit from 2 seconds to 5 seconds 2022-09-29 12:34:09 +02:00
Aevann1 b9d3336a9e nitter shit 2022-09-29 07:53:37 +02:00
official-techsupport bd8b96c1f5
fix the TLD matching to exclude numbers (#371) 2022-09-24 18:06:53 -04:00
official-techsupport 0ff839d396
Accept any TLDS (#369) 2022-09-24 02:04:09 +02:00
Aevann1 bb4e21b2f0 fix utm regex 2022-09-23 15:23:11 +02:00
Aevann1 2fb4ebdcb0 minor sanitize refactor 2022-09-16 18:30:34 +02:00
Aevann1 b3d2fca506 remove kf replacing 2022-09-12 13:59:49 +02:00
Aevann1 47890d771d add Marsey Submission UI 2022-09-09 11:13:50 +02:00
Aevann1 0f232b264c refactor torture_ap 2022-09-05 22:05:04 +02:00
Aevann1 959e08bb83 make marsify not count towards /marseys 2022-09-05 10:49:34 +02:00
Aevann1 0271d4488f do this https://rdrama.org/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2658067?context=8#context 2022-09-05 03:43:07 +02:00
Aevann1 0c32d56cd6 casino + style shit 2022-09-05 01:15:37 +02:00
Aevann1 a0579b40e0 restore metadata for audio 2022-09-03 05:39:35 +02:00
Aevann1 28dbe0d6ab fix WPD slowness 2022-09-03 05:34:06 +02:00
Aevann1 083371f20f keep_blank_values 2022-09-01 22:46:57 +02:00
Aevann1 523bfd93c5 show first frame of video 2022-09-01 22:43:11 +02:00
official-techsupport a9eeb29b9b
fix showmore quadratic behavior (#343) 2022-08-30 23:19:53 +02:00
Aevann1 2dcd1288d7 Revert "adjust audio and video embedding"
This reverts commit e9d98e158c.
2022-08-26 20:15:26 +02:00
Aevann1 0b786477fc support all existing TLDs 2022-08-25 17:04:25 +02:00
Aevann1 75ad5b34f2 fix youtube embedding 2022-08-25 00:02:06 +02:00
Aevann1 3c9145ee60 add .world tld 2022-08-23 00:13:32 +02:00
Aevann1 fbbd6f9be8 fix prev commit 2022-08-21 19:22:18 +02:00
Aevann1 663904fb3d steal the parts I wanted from spidey's PR 2022-08-21 19:20:09 +02:00
Aevann1 fb2437574f change ping_limit to be 3 for comments, and 50 for posts 2022-08-21 17:05:32 +02:00
Aevann1 0e0f414cc9 add .farm TLD 2022-08-21 15:29:35 +02:00
Aevann1 7084e71c57 fix pinging 2022-08-20 23:39:01 +02:00
Aevann1 e9d98e158c adjust audio and video embedding 2022-08-20 22:32:28 +02:00
Aevann1 d8c6b575de fix pinging 2022-08-19 15:10:39 +02:00
Aevann1 5234c8ef21 remove weird spaes 2022-08-17 22:30:07 +02:00
Aevann1 0715ab3e64 fix multipinging (hopefully this doesnt break other shit) 2022-08-17 21:41:09 +02:00
Aevann1 0cae055403 remove weird spaces annoying me 2022-08-17 21:25:57 +02:00
Aevann1 b9453bac03 replace "https://imgur.com/" with "https://i.imgur.com/" for the sake of mobilecels 2022-08-13 07:06:53 +02:00
Snakes 55c1ad859e
Disable showmore logic on posts. 2022-08-10 17:34:15 -04:00
Snakes 8b241a765a
Check URI approved embed in all CSS contexts. 2022-08-05 13:09:41 -04:00
Aevann1 981692550f fix ping limiting being applies on all instances of "sanitize()" 2022-08-05 17:14:22 +02:00
Aevann1 d069550284 fix issue with showmore button breaking divs 2022-08-04 21:31:13 +02:00
Aevann1 347604c433 make non-jannies unable to ping more than 3 ppl 2022-07-29 15:23:34 +02:00
Snakes d06ea7d349 LGB: disable markup commands. 2022-07-19 21:20:52 -04:00
Aevann1 636e5e1254 fix camas.unddit.com 2022-07-15 15:27:45 +02:00
Aevann1 8da96d40f7 replace search.marsey.cat with camas.unddit.com 2022-07-15 15:00:51 +02:00
Aevann1 e3d2d24d94 fix this https://chapotraphouse.club/post/85005/chadblack2-soymad-soycry-soymad-black-man/2294928?context=8#context 2022-07-13 18:48:53 +02:00
Aevann1 dcc63c7834 add more image validation (to fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2298173?context=8#context) 2022-07-12 22:30:00 +02:00
Aevann1 fb73fa0612 add target="_blank" to all external urls 2022-07-12 22:29:27 +02:00
Aevann1 b5d9db86d1 refactor comment commands 2022-07-11 14:14:18 +02:00
Aevann1 1549508e49 make :marseyunpettable: unpettable 2022-07-08 17:39:54 +02:00
Snakes b66bfdcab9 sanitize.with_sigalrm_timeout: functools.wrap fix. 2022-07-06 05:01:48 -04:00
official-techsupport 548030fcf1 fix exceptions in sanitize leaving SIGALRM on 2022-07-06 04:46:00 -04:00
Aevann1 1115c1a574 fix reddit domain replacement 2022-07-04 05:08:33 +02:00
Aevann1 c0c5057ab9 make reddit_domain_regex work with user profiles too 2022-07-04 03:12:28 +02:00
Aevann1 076fad1108 fix 403 errors on unrelated text 2022-07-03 05:42:15 +02:00
Aevann1 3bfe9e984b don't allow URLs with '\\' in them 2022-07-03 04:03:40 +02:00
Aevann1 bce4c13043 kitchen sink commit, all over the place 2022-07-02 12:44:05 +02:00
Aevann1 6ec0d25034 strip sanitized text 2022-07-02 12:12:52 +02:00
Aevann1 77c1f96383 remove empty anchor tags 2022-07-02 02:54:59 +02:00
Aevann1 28786342dc fix snappy archiving images 2022-07-02 02:25:58 +02:00
Aevann1 cba02b9e4b fix issue with code blocks 2022-07-01 01:01:10 +02:00
Aevann1 aa53296d07 Revert "remove "filter" from allowed styles"
This reverts commit 14d929623e.
2022-07-01 00:18:05 +02:00
Aevann1 14d929623e remove "filter" from allowed styles 2022-07-01 00:03:32 +02:00
Aevann1 790a814b36 make "show more" button look nicer 2022-06-29 04:35:52 +02:00
Aevann1 e7460874e9 double the timeout duration for sanitize() 2022-06-29 03:39:33 +02:00
Aevann1 b6a5d010ca add "show more..." button 2022-06-29 02:55:44 +02:00
Aevann1 3ed41a0835 remove insane number of line breaks in rendered HTML 2022-06-29 01:53:41 +02:00
Aevann1 b873492dd0 fix strikethrough, v2 2022-06-28 07:52:29 +02:00
Aevann1 50121f6960 fixed strikethrough 2022-06-28 07:41:21 +02:00
Aevann1 46c9c719d0 fixed 500 error 2022-06-27 04:22:12 +02:00
Aevann1 b5d993569f embed rework 2022-06-27 03:00:45 +02:00