diff --git a/files/helpers/discord.py b/files/helpers/discord.py index f4674ad764..fcc94fd291 100644 --- a/files/helpers/discord.py +++ b/files/helpers/discord.py @@ -42,23 +42,23 @@ def add_role(user, role_name): role_id = ROLES[role_name] url = f"https://discordapp.com/api/guilds/{SERVER_ID}/members/{user.discord_id}/roles/{role_id}" headers = {"Authorization": f"Bot {BOT_TOKEN}"} - requests.put(url, headers=headers) + requests.put(url, headers=headers, timeout=5) @discord_wrap def remove_user(user): url=f"https://discordapp.com/api/guilds/{SERVER_ID}/members/{user.discord_id}" headers = {"Authorization": f"Bot {BOT_TOKEN}"} - requests.delete(url, headers=headers) + requests.delete(url, headers=headers, timeout=5) @discord_wrap def set_nick(user, nick): url=f"https://discordapp.com/api/guilds/{SERVER_ID}/members/{user.discord_id}" headers = {"Authorization": f"Bot {BOT_TOKEN}"} data={"nick": nick} - requests.patch(url, headers=headers, json=data) + requests.patch(url, headers=headers, json=data, timeout=5) def send_message(message): url=f"https://discordapp.com/api/channels/851846904283267094/messages" headers = {"Authorization": f"Bot {BOT_TOKEN}"} data={"content": message} - requests.post(url, headers=headers, data=data) \ No newline at end of file + requests.post(url, headers=headers, data=data, timeout=5) \ No newline at end of file diff --git a/files/routes/discord.py b/files/routes/discord.py index 8a8ed06a86..93641efc27 100644 --- a/files/routes/discord.py +++ b/files/routes/discord.py @@ -67,7 +67,7 @@ def discord_redirect(v): } url="https://discord.com/api/oauth2/token" - x=requests.post(url, headers=headers, data=data) + x=requests.post(url, headers=headers, data=data, timeout=5) x=x.json() @@ -82,7 +82,7 @@ def discord_redirect(v): headers={ 'Authorization': f"Bearer {token}" } - x=requests.get(url, headers=headers) + x=requests.get(url, headers=headers, timeout=5) x=x.json() @@ -95,7 +95,7 @@ def discord_redirect(v): if v.discord_id and v.discord_id != x['id']: url=f"https://discord.com/api/guilds/{SERVER_ID}/members/{v.discord_id}" - requests.delete(url, headers=headers) + requests.delete(url, headers=headers, timeout=5) if g.db.query(User).filter(User.id!=v.id, User.discord_id==x["id"]).first(): return render_template("message.html", title="Discord account already linked.", error="That Discord account is already in use by another user.", v=v) @@ -112,7 +112,7 @@ def discord_redirect(v): "nick":name, } - x=requests.put(url, headers=headers, json=data) + x=requests.put(url, headers=headers, json=data, timeout=5) if x.status_code in [201, 204]: @@ -140,7 +140,7 @@ def discord_redirect(v): "nick": name } - requests.patch(url, headers=headers, json=data) + requests.patch(url, headers=headers, json=data, timeout=5) g.db.commit() diff --git a/files/routes/giphy.py b/files/routes/giphy.py index 5a40c45495..cda7e8565e 100644 --- a/files/routes/giphy.py +++ b/files/routes/giphy.py @@ -19,4 +19,4 @@ def giphy(path=None): url = f"https://api.giphy.com/v1/gifs/search?q={searchTerm}&api_key={GIPHY_KEY}&limit=48" else: url = f"https://api.giphy.com/v1/gifs?api_key={GIPHY_KEY}&limit=48" - return jsonify(requests.get(url).json()) + return jsonify(requests.get(url, timeout=5).json()) diff --git a/files/routes/login.py b/files/routes/login.py index 082d59d3df..151484f1ac 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -294,7 +294,7 @@ def sign_up_post(v): "sitekey": app.config["HCAPTCHA_SITEKEY"]} url = "https://hcaptcha.com/siteverify" - x = requests.post(url, data=data) + x = requests.post(url, data=data, timeout=5) if not x.json()["success"]: return new_signup("Unable to verify captcha [2].") diff --git a/files/routes/posts.py b/files/routes/posts.py index fd50810685..6c6efa00a7 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -404,7 +404,7 @@ def thumbnail_thread(pid): headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"} try: - x=requests.get(fetch_url, headers=headers) + x=requests.get(fetch_url, headers=headers, timeout=5) except: db.close() return @@ -455,7 +455,7 @@ def thumbnail_thread(pid): for url in thumb_candidate_urls: try: - image_req=requests.get(url, headers=headers) + image_req=requests.get(url, headers=headers, timeout=5) except: continue @@ -557,7 +557,7 @@ def submit_post(v): if request.headers.get("Authorization"): return {"error":domain_obj.reason}, 400 else: return render_template("submit.html", v=v, error=domain_obj.reason, title=title, url=url, body=request.values.get("body", "")), 400 elif "twitter.com" in domain: - try: embed = requests.get("https://publish.twitter.com/oembed", params={"url":url, "omit_script":"t"}).json()["html"] + try: embed = requests.get("https://publish.twitter.com/oembed", timeout=5, params={"url":url, "omit_script":"t"}).json()["html"] except: embed = None elif "youtu" in domain: try: @@ -759,7 +759,7 @@ def submit_post(v): elif file.content_type.startswith('video/'): file.save("video.mp4") with open("video.mp4", 'rb') as f: - new_post.url = requests.post('https://catbox.moe/user/api.php', data={'userhash':CATBOX_KEY, 'reqtype':'fileupload'}, files={'fileToUpload':f}).text + new_post.url = requests.post('https://catbox.moe/user/api.php', timeout=5, data={'userhash':CATBOX_KEY, 'reqtype':'fileupload'}, files={'fileToUpload':f}).text g.db.add(new_post) diff --git a/files/routes/settings.py b/files/routes/settings.py index ed82c074db..d1a0183db3 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -487,7 +487,7 @@ def gumroad(v): 'access_token': GUMROAD_TOKEN, 'email': v.email } - response = requests.get('https://api.gumroad.com/v2/sales', data=data).json()["sales"] + response = requests.get('https://api.gumroad.com/v2/sales', data=data, timeout=5).json()["sales"] if len(response) == 0: return {"error": "Email not found"}, 404 @@ -981,7 +981,7 @@ def settings_song_change(v): return redirect("/settings/profile") - req = requests.get(f"https://www.googleapis.com/youtube/v3/videos?id={id}&key={YOUTUBE_KEY}&part=contentDetails").json() + req = requests.get(f"https://www.googleapis.com/youtube/v3/videos?id={id}&key={YOUTUBE_KEY}&part=contentDetails", timeout=5).json() duration = req['items'][0]['contentDetails']['duration'] if "H" in duration: return render_template("settings_profile.html",