Commit Graph

564 Commits (fbaa3984a0a570b58941bc3e528cde74509991ec)

Author SHA1 Message Date
Aevann1 3bfe9e984b don't allow URLs with '\\' in them 2022-07-03 04:03:40 +02:00
Aevann1 bce4c13043 kitchen sink commit, all over the place 2022-07-02 12:44:05 +02:00
Aevann1 6ec0d25034 strip sanitized text 2022-07-02 12:12:52 +02:00
Aevann1 77c1f96383 remove empty anchor tags 2022-07-02 02:54:59 +02:00
Aevann1 28786342dc fix snappy archiving images 2022-07-02 02:25:58 +02:00
Aevann1 cba02b9e4b fix issue with code blocks 2022-07-01 01:01:10 +02:00
Aevann1 aa53296d07 Revert "remove "filter" from allowed styles"
This reverts commit 14d929623e.
2022-07-01 00:18:05 +02:00
Aevann1 14d929623e remove "filter" from allowed styles 2022-07-01 00:03:32 +02:00
Aevann1 790a814b36 make "show more" button look nicer 2022-06-29 04:35:52 +02:00
Aevann1 e7460874e9 double the timeout duration for sanitize() 2022-06-29 03:39:33 +02:00
Aevann1 b6a5d010ca add "show more..." button 2022-06-29 02:55:44 +02:00
Aevann1 3ed41a0835 remove insane number of line breaks in rendered HTML 2022-06-29 01:53:41 +02:00
Aevann1 b873492dd0 fix strikethrough, v2 2022-06-28 07:52:29 +02:00
Aevann1 50121f6960 fixed strikethrough 2022-06-28 07:41:21 +02:00
Aevann1 46c9c719d0 fixed 500 error 2022-06-27 04:22:12 +02:00
Aevann1 b5d993569f embed rework 2022-06-27 03:00:45 +02:00
Snakes aaf718c78c Fix timeout in sanitize from link_fix_regex.
h/t to @official-techsupport for finding and help fixing this bug.
When given certain pathological input, `sanitize` would time out
(notably only on posts, rather than comments, perhaps due to the
longer maximum length of input). For example, using as input the
result of:

    with open("test.txt", "w") as f:
        for i in range(26):
            f.write(f":{chr(ord('a') + i)}: ")
        f.write('x' * 20_000)

We believe this to be because of some combination of the greedy
quantifiers and the negative lookahead before the match. The regex
was rewritten to (in theory) have much more linear performance.
2022-06-25 01:28:43 -04:00
Aevann1 2c1d1aceff fix this https://chapotraphouse.club/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/2178607?context=8#context 2022-06-23 21:43:49 +02:00
Aevann1 39cf7fc48b refactor normalizing urls at runtime (I put the function in comment.py cuz there were weird import errors that i didnt wanna fix) 2022-06-23 17:47:57 +02:00
Aevann1 e42227ab67 add glowie marseys 2022-06-23 02:34:37 +02:00
Aevann1 0e1177843e remove the need for alert flag on sanitize() 2022-06-23 00:12:47 +02:00
Snakes 26273d0997 Revert "delete empty <a> tags to prevent exploits"
This reverts commit 5f78b4e365.

This commit is breaking @-mentions in a great many contexts and
I'm not quite sure how to fix it right now.
2022-06-22 18:00:23 -04:00
Aevann1 5f78b4e365 delete empty <a> tags to prevent exploits 2022-06-22 23:12:02 +02:00
Aevann1 20585ca543 add a shortened endpoint for static images and rename loading.webp to l.webp (to save bytes) 2022-06-22 17:51:19 +02:00
Snakes 4166b2d2f0 Content: chadsoy x2, more neo-gTLDs. 2022-06-21 01:03:33 -04:00
Snakes dee8eb5154 Replace loading.webp with new marseyloading. 2022-06-19 22:15:33 -04:00
Aevann1 7c5e8c04b0 add .dev tld 2022-06-19 22:32:12 +02:00
Aevann1 3eb788103c allow only ascii characters in links (https://rdrama.net/comment/2150032) 2022-06-19 19:25:55 +02:00
Aevann1 5ddde69ac9 greentext fix 2022-06-19 17:22:06 +02:00
Aevann1 45b1b61760 added greentext 2022-06-19 17:05:50 +02:00
Snakes e5193cbd46 Fix mention sanitize when `g.v` not present.
This bug was discovered when lottery.check_if_end_lottery_task was
failing due to a stack trace thru end_lottery session < badge_grant
< send_repeatable_notifications < sanitize L208. In particular, when
`flask cron` (helpers/cron.py) executes, it does not set g.v, whereas
this code previously assumed that g.v : (None + User) and did not
check for its presence.
2022-06-18 21:22:04 -04:00
Aevann1 453d83856e add .press tld 2022-06-18 18:07:57 +02:00
Aevann1 ccdabcba29 allow uploading of all types of files (using lain.la)
+ allow multiple file upload in bios and messaging admins
2022-06-18 17:53:34 +02:00
Aevann1 c01d53aa0d make mentioning case-insensitive again 2022-06-18 00:03:23 +02:00
Aevann1 fae0bee0d9 Refactored mention sanitization (stolen commit from themotte) 2022-06-17 22:37:27 +02:00
Aevann1 35875d69f6 stop replacing "nitter.net" with "twitter.com" (to fix this shit https://chapotraphouse.club/post/77517/xueen-ezra-is-taunting-the-pigs/2132884?context=8#context) 2022-06-16 18:46:32 +02:00
Snakes c61375288f Content: add TLD to sanitize. 2022-06-14 03:48:02 -04:00
Aevann1 d8fff0bc72 Revert "Fix giant patting hand UI bug."
This reverts commit 7915eb8390.
2022-06-13 20:31:28 +02:00
Aevann1 07f2c0d2ca make marsey counter work everywhere (not just comments) 2022-06-13 20:05:24 +02:00
Snakes 7915eb8390 Fix giant patting hand UI bug.
Despite being very fun, this fixes the recently discovered bug where
placing '#' or '!' within the 'pat:' suffix of a patted emoji causes
the enclosing <span> to not be given the proper CSS `display` or
`position`, leading to the hand being sized relative to the comment
bounding box rather than the emoji box.

This should be backward compatible. The only posts it wont fix are
existing ones with the giant hands. Main example being:
https://rdrama.net/h/slackernews/post/76302/
2022-06-12 02:22:38 -04:00
Snakes f76b94b58d Content: keywords updates. 2022-06-11 22:08:48 -04:00
Aevann1 831344b723 small image embed improvements 2022-06-11 14:21:59 +02:00
Aevann1 a082105ab8 remove weird trailing tabs 2022-06-11 11:56:16 +02:00
Aevann1 654ddc4157 re-refactor normalize_url 2022-06-10 22:02:15 +02:00
Aevann1 6800d33019 replace streamable links with full-size version 2022-06-10 16:35:09 +02:00
Aevann1 dcf5207e83 all 'app' tld (for discussions.app) 2022-06-10 16:04:49 +02:00
Snakes 5fb358a32a Add more TLDs to sanitize. 2022-06-03 17:01:32 -04:00
Snakes 2008c09136 Add 'filter' to allowed_styles. 2022-06-02 06:14:20 -04:00
Snakes cf46b8b3fe Refactor e81edb711d for modularity. 2022-05-30 00:30:10 -04:00
Aevann1 e81edb711d fixed this https://rdrama.net/post/72013/-/2010109?context=8#context 2022-05-30 06:12:51 +02:00
Aevann1 6b6e2e8253 sfd 2022-05-27 20:28:54 +02:00
Aevann1 386db76c10 crgd is a king 2022-05-25 20:29:22 +02:00
Aevann1 de176280c8 e 2022-05-25 17:42:30 +02:00
Snakes 1c7458e111 Sanitize: modularize normalize_url, fix streamable.
Originally prompted by https://rdrama.net/post/18459/-/1984609 which
noticed that streamable.com/e/ links as posts would have another e/
added to them. This was in spite of logic in posts.py api_is_repost
and submit_post designed to specifically counteract this.
Proximal cause was a copypasta'd url.replace(...) chain which
caused the mistake before the streamable-specific logic had a chance
to avoid making it.

Solution: remove the streamable replacement from the chained statement
and create `helpers.normalize_url(url)` to get rid of the copypasta.
2022-05-25 04:43:16 -04:00
Snakes 7ead30014c Upgrade bleach to 5.0.0. 2022-05-24 20:28:36 -04:00
Snakes 8c3b6cece1 Add 8-ball answers, like fortune & factcheck. 2022-05-24 19:08:41 -04:00
Snakes d0d029a78a sanitize: Add more neo-gTLDs to TLDs tuple-list.
Per https://rdrama.net/post/70341/-/1976650 added more gTLDs that
are actually desired by site users.

Also, hard wrapped the `TLDS` and `allowed_tags` tuple-lists at a
100char hard ruler for my sanity.
2022-05-24 15:16:55 -04:00
Snakes a56ebc39dd Add 'moe' to sanitize TLDS for linkifier. 2022-05-23 16:06:01 -04:00
Aevann1 15418ec1e6 sfd 2022-05-23 21:20:58 +02:00
Aevann1 649f8d5323 vdffsd 2022-05-23 00:45:04 +02:00
Aevann1 0a74a98ec5 big ass commit 2022-05-23 00:15:29 +02:00
Aevann1 37a6ce39f5 fixing https://rdrama.net/post/69817/tfw-you-will-never-troll-harder/1961118?context=8#context 2022-05-22 12:20:11 +02:00
Snakes 76fd1342f3 Fix @mention replacement.
Comments of the style e.g. "@TLSM / @TLSM2" would mistakenly be
`sanitize`d to have identical links only on "@TLSM", the latter
instance having a dangling 2 on the end. It seems this is purely an
issue with text formatting; alerts.py @ NOTIF_USERS had no such
issues. The root cause appears to be partly an optimization and
partly the use of str.replace without a count limit.
2022-05-20 17:04:36 -04:00
Aevann1 15f0b963c7 fc 2022-05-18 20:45:04 +02:00
Aevann1 c3cce7aaa5 Merge branch 'frost' of https://github.com/Aevann1/Drama into frost 2022-05-17 21:58:43 +02:00
Aevann1 3491c9187d pls review 2022-05-17 21:58:41 +02:00
HappyDOGE e7349aec98 Fix <a> tag link injection, don't throw a ValueError when href attr is missing, properly count marseys (their usage wasn't counted for 20 days :marseygasp:) (#265) 2022-05-17 20:59:07 +02:00
Snakes 42e0b77ca7 Add <audio> support to sanitize.py.
Parallels the decisions made with <video>.
2022-05-15 18:47:37 -04:00
Aevann1 50b1ed8aa0 fds 2022-05-15 10:45:57 +02:00
Aevann1 ed0d225554 sfd 2022-05-14 15:11:11 +02:00
Absinthe c3ae481048 #factcheck (#261)
Like #fortune but to check facts.
2022-05-12 16:21:11 +02:00
Aevann1 9a7c8f813f sfd 2022-05-08 11:06:01 +02:00
Aevann1 1b86af8def fg 2022-05-07 07:28:51 +02:00
Aevann1 6b10d097a2 mn 2022-05-05 01:09:46 +02:00
Aevann1 53702d5f13 dup 2022-05-04 05:14:14 +02:00
Aevann1 095e5cb0af sanitize 2022-05-03 21:07:15 +02:00
Aevann1 e73fcbd56a sfd 2022-04-29 17:17:14 +02:00
Aevann1 d0116ff2f8 sfd 2022-04-28 01:16:24 +02:00
Aevann1 952fdec513 fds 2022-04-27 18:28:00 +02:00
Aevann1 47978226e1 df 2022-04-27 17:15:41 +02:00
Aevann1 8296a580d1 xcv 2022-04-27 17:09:37 +02:00
Aevann1 583765f259 czx 2022-04-27 17:03:25 +02:00
float-trip d85951d912 add :@userpat: emojis (#231)
* refactor emoji formatting

* add user patting
2022-04-27 16:46:47 +02:00
Aevann1 e60fe0bcd6 gf 2022-04-25 16:51:40 +02:00
Aevann1 e3b00f6c89 fsd 2022-04-22 17:17:10 +02:00
Aevann1 74a291e975 fds 2022-04-20 00:24:43 +02:00
Aevann1 aa498d89c7 gfd 2022-04-19 21:13:36 +02:00
Aevann1 0705e96770 fds 2022-04-18 20:45:18 +02:00
Aevann1 0e74b54424 fsd 2022-04-18 20:25:14 +02:00
Aevann1 d7fa942d85 fds 2022-04-18 18:01:03 +02:00
Aevann1 69d285b0f3 fds 2022-04-18 01:00:17 +02:00
Aevann1 8214e2c6f9 fds 2022-04-18 00:13:37 +02:00
Aevann1 9c0441aef9 fsd 2022-04-17 23:46:29 +02:00
Aevann1 78ea56837f fds 2022-04-17 22:20:40 +02:00
Aevann1 e63dcc0c74 fds 2022-04-17 15:53:00 +02:00
Aevann1 2c27fed388 fds 2022-04-17 01:22:48 +02:00
Aevann1 5e18eb7222 fds' 2022-04-17 01:06:53 +02:00
Aevann1 520f2e32f0 fsd 2022-04-17 01:00:32 +02:00
Aevann1 d11f430e97 fsd 2022-04-17 01:00:21 +02:00
Aevann1 39c374a90d fds 2022-04-17 00:42:12 +02:00