forked from rDrama/rDrama
crgd is a king
parent
f7dea74b37
commit
f72015382a
|
@ -964,8 +964,7 @@ image_regex = re.compile("(^|\s)(https:\/\/[\w\-.#&/=\?@%;+]{5,250}(\.png|\.jpg|
|
|||
|
||||
link_fix_regex = re.compile("(?!.*(http|\/))(.*\[[^\]]+\]\()([^)]+\))", flags=re.A)
|
||||
|
||||
css_regex = re.compile('''url\(['"]?(.*?)['"]?\)''', flags=re.I|re.A)
|
||||
css_regex2 = re.compile('''['"](http.*?)['"]''', flags=re.I|re.A)
|
||||
css_regex = re.compile('https?:\/\/[\w:~,()\-.#&\/=?@%;+]*', flags=re.I|re.A)
|
||||
|
||||
procoins_li = (0,2500,5000,10000,25000,50000,125000,250000)
|
||||
|
||||
|
|
|
@ -966,7 +966,8 @@ def admin_removed_comments(v):
|
|||
def agendaposter(user_id, v):
|
||||
user = g.db.query(User).filter_by(id=user_id).one_or_none()
|
||||
|
||||
days = request.values.get("days") or 30
|
||||
days = min(request.values.get("days", 30), 30)
|
||||
|
||||
expiry = float(days)
|
||||
expiry = int(time.time() + expiry*60*60*24)
|
||||
|
||||
|
|
|
@ -638,9 +638,8 @@ def settings_profilecss(v):
|
|||
profilecss = request.values.get("profilecss").strip().replace('\\', '').strip()[:4000]
|
||||
|
||||
|
||||
urls = list(css_regex.finditer(profilecss)) + list(css_regex2.finditer(profilecss))
|
||||
for i in urls:
|
||||
url = i.group(1)
|
||||
for i in css_regex.finditer(profilecss):
|
||||
url = i.group(0)
|
||||
if not is_safe_url(url):
|
||||
domain = tldextract.extract(url).registered_domain
|
||||
error = f"The domain '{domain}' is not allowed, please use one of these domains\n\n{approved_embed_hosts}."
|
||||
|
|
|
@ -332,9 +332,8 @@ def post_sub_css(v, sub):
|
|||
css = request.values.get('css', '').strip()
|
||||
|
||||
|
||||
urls = list(css_regex.finditer(css)) + list(css_regex2.finditer(css))
|
||||
for i in urls:
|
||||
url = i.group(1)
|
||||
for i in css_regex.finditer(css):
|
||||
url = i.group(0)
|
||||
if not is_safe_url(url):
|
||||
domain = tldextract.extract(url).registered_domain
|
||||
error = f"The domain '{domain}' is not allowed, please use one of these domains\n\n{approved_embed_hosts}."
|
||||
|
|
Loading…
Reference in New Issue