From b1924e0cdfed7bb620b99a9fc07638ef9b9342cd Mon Sep 17 00:00:00 2001 From: justcool393 Date: Fri, 11 Nov 2022 23:40:17 -0600 Subject: [PATCH] don't bother try checking invalid urls --- files/routes/posts.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/files/routes/posts.py b/files/routes/posts.py index 0febd9084..67ead7497 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -1068,6 +1068,8 @@ extensions = IMAGE_FORMATS + VIDEO_FORMATS + AUDIO_FORMATS def get_post_title(v): url = request.values.get("url") if not url or '\\' in url: abort(400) + url = url.strip() + if not url.startswith('http'): abort(400) checking_url = url.lower().split('?')[0].split('%3F')[0] if any((checking_url.endswith(f'.{x}') for x in extensions)):