forked from rDrama/rDrama
instead of error message when posting a banned domain, unlinkify instead
parent
469ce39415
commit
8b852f1bc7
|
@ -498,7 +498,7 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_emojis=
|
||||||
|
|
||||||
links = soup.find_all("a")
|
links = soup.find_all("a")
|
||||||
|
|
||||||
domain_list = set()
|
banned_domains = [x.domain for x in g.db.query(BannedDomain.domain).all()]
|
||||||
|
|
||||||
for link in links:
|
for link in links:
|
||||||
#remove empty links
|
#remove empty links
|
||||||
|
@ -508,19 +508,31 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_emojis=
|
||||||
|
|
||||||
href = link.get("href")
|
href = link.get("href")
|
||||||
if not href: continue
|
if not href: continue
|
||||||
|
domain = tldextract.extract(href).registered_domain
|
||||||
|
|
||||||
|
def unlinkfy():
|
||||||
|
link.string = href
|
||||||
|
del link["href"]
|
||||||
|
|
||||||
#\ in href right after / makes most browsers ditch site hostname and allows for a host injection bypassing the check, see <a href="/\google.com">cool</a>
|
#\ in href right after / makes most browsers ditch site hostname and allows for a host injection bypassing the check, see <a href="/\google.com">cool</a>
|
||||||
if "\\" in href:
|
if "\\" in href:
|
||||||
link.string = href
|
unlinkfy()
|
||||||
del link["href"]
|
|
||||||
continue
|
continue
|
||||||
|
|
||||||
domain = tldextract.extract(href).registered_domain
|
|
||||||
|
|
||||||
#don't allow something like this https://rdrama.net/post/78376/reminder-of-the-fact-that-our/2150032#context
|
#don't allow something like this https://rdrama.net/post/78376/reminder-of-the-fact-that-our/2150032#context
|
||||||
if domain and not allowed_domain_regex.fullmatch(domain):
|
if domain and not allowed_domain_regex.fullmatch(domain):
|
||||||
link.string = href
|
unlinkfy()
|
||||||
del link["href"]
|
continue
|
||||||
|
|
||||||
|
#check for banned domain
|
||||||
|
combined = (domain + urlparse(href).path).lower()
|
||||||
|
if any((combined.startswith(x) for x in banned_domains)):
|
||||||
|
unlinkfy()
|
||||||
|
continue
|
||||||
|
|
||||||
|
#don't allow something like this [https://rԁrama.net/leaderboard](https://iplogger.org/1fRKk7)
|
||||||
|
if not snappy and tldextract.extract(str(link.string)).registered_domain:
|
||||||
|
unlinkfy()
|
||||||
continue
|
continue
|
||||||
|
|
||||||
#insert target="_blank" and ref="nofollower noopener" for external link
|
#insert target="_blank" and ref="nofollower noopener" for external link
|
||||||
|
@ -528,13 +540,6 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_emojis=
|
||||||
link["target"] = "_blank"
|
link["target"] = "_blank"
|
||||||
link["rel"] = "nofollow noopener"
|
link["rel"] = "nofollow noopener"
|
||||||
|
|
||||||
#don't allow something like this [https://rԁrama.net/leaderboard](https://iplogger.org/1fRKk7)
|
|
||||||
if not snappy and tldextract.extract(str(link.string)).registered_domain:
|
|
||||||
link.string = href
|
|
||||||
|
|
||||||
#add to set to check for banned domains later
|
|
||||||
combined = domain + urlparse(href).path
|
|
||||||
domain_list.add(combined.lower())
|
|
||||||
|
|
||||||
sanitized = str(soup).replace('<html><body>','').replace('</body></html>','')
|
sanitized = str(soup).replace('<html><body>','').replace('</body></html>','')
|
||||||
|
|
||||||
|
@ -544,11 +549,6 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_emojis=
|
||||||
else:
|
else:
|
||||||
abort(403, error)
|
abort(403, error)
|
||||||
|
|
||||||
banned_domains = g.db.query(BannedDomain).all()
|
|
||||||
for x in banned_domains:
|
|
||||||
for y in domain_list:
|
|
||||||
if y.startswith(x.domain):
|
|
||||||
return error(f'Remove the banned link "{x.domain}" and try again!\nReason for link ban: "{x.reason}"')
|
|
||||||
|
|
||||||
if discord_username_regex.match(sanitized):
|
if discord_username_regex.match(sanitized):
|
||||||
return error("Stop grooming!")
|
return error("Stop grooming!")
|
||||||
|
|
Loading…
Reference in New Issue