forked from rDrama/rDrama
purge fp.js from code
parent
c7a220c504
commit
c31c9d1777
|
|
@ -1,15 +0,0 @@
|
|||
function fp(fp) {
|
||||
const xhr = new XMLHttpRequest();
|
||||
xhr.open("POST", '/fp/'+fp);
|
||||
xhr.setRequestHeader('xhr', 'xhr');
|
||||
const form = new FormData()
|
||||
form.append("formkey", formkey());
|
||||
xhr.send(form);
|
||||
};
|
||||
|
||||
const fpPromise = import('/assets/js/vendor/fp.js?x=8')
|
||||
.then(FingerprintJS => FingerprintJS.load())
|
||||
|
||||
fpPromise
|
||||
.then(fp => fp.get())
|
||||
.then(result => {fp(result.visitorId)})
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -105,7 +105,6 @@ class User(Base):
|
|||
bio_html = Column(String)
|
||||
sig = deferred(Column(String))
|
||||
sig_html = Column(String)
|
||||
fp = Column(String)
|
||||
show_sigs = Column(Boolean, default=True)
|
||||
progressivestack = Column(Integer, default=0)
|
||||
deflector = Column(Integer, default=0)
|
||||
|
|
|
|||
|
|
@ -38,7 +38,6 @@ VAPID_PRIVATE_KEY = environ.get("VAPID_PRIVATE_KEY").strip()
|
|||
CF_KEY = environ.get("CF_KEY").strip()
|
||||
CF_ZONE = environ.get("CF_ZONE").strip()
|
||||
blackjack = environ.get("BLACKJACK", "").strip()
|
||||
FP = environ.get("FP", "").strip()
|
||||
PROGSTACK_MUL = float(environ.get("PROGSTACK_MUL", 2.0))
|
||||
ENCOURAGED = environ.get("ENCOURAGED", "").strip().split()
|
||||
ENCOURAGED2 = environ.get("ENCOURAGED2", "").strip().split()
|
||||
|
|
@ -1151,7 +1150,7 @@ engine = create_engine(environ.get("DATABASE_URL").strip(), connect_args={"optio
|
|||
db_session = scoped_session(sessionmaker(bind=engine, autoflush=False))
|
||||
|
||||
approved_embed_hosts_for_csp = ' '.join(set(x.split('/')[0] for x in approved_embed_hosts))
|
||||
csp = f"default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; frame-src challenges.cloudflare.com cdpn.io platform.twitter.com rumble.com player.twitch.tv; connect-src 'self' videos.watchpeopledie.tv use1.fptls.com use1.fptls3.com api.fpjs.io; img-src {approved_embed_hosts_for_csp} data:; media-src {approved_embed_hosts_for_csp};"
|
||||
csp = f"default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; frame-src challenges.cloudflare.com cdpn.io platform.twitter.com rumble.com player.twitch.tv; connect-src 'self' videos.watchpeopledie.tv; img-src {approved_embed_hosts_for_csp} data:; media-src {approved_embed_hosts_for_csp};"
|
||||
if not IS_LOCALHOST:
|
||||
csp += ' upgrade-insecure-requests;'
|
||||
|
||||
|
|
|
|||
|
|
@ -138,7 +138,7 @@ def inject_constants():
|
|||
"HOLE_REQUIRED":HOLE_REQUIRED,
|
||||
"DEFAULT_THEME":DEFAULT_THEME, "DESCRIPTION":DESCRIPTION,
|
||||
"has_sidebar":has_sidebar, "has_logo":has_logo,
|
||||
"FP":FP, "patron":patron, "get_setting": get_setting,
|
||||
"patron":patron, "get_setting": get_setting,
|
||||
"SIDEBAR_THREAD":SIDEBAR_THREAD, "BANNER_THREAD":BANNER_THREAD, "BUG_THREAD":BUG_THREAD,
|
||||
"BADGE_THREAD":BADGE_THREAD, "SNAPPY_THREAD":SNAPPY_THREAD, "CHANGELOG_THREAD":CHANGELOG_THREAD,
|
||||
"approved_embed_hosts":approved_embed_hosts, "POST_BODY_LENGTH_LIMIT":POST_BODY_LENGTH_LIMIT,
|
||||
|
|
|
|||
|
|
@ -1251,29 +1251,6 @@ def subscribed_posts(v, username):
|
|||
|
||||
return get_saves_and_subscribes(v, "userpage/posts.html", Subscription, page, False)
|
||||
|
||||
@app.post("/fp/<fp>")
|
||||
@limiter.limit('1/second', scope=rpath)
|
||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||
@auth_required
|
||||
def fp(v, fp):
|
||||
if session.get("GLOBAL"):
|
||||
return ''
|
||||
|
||||
v.fp = fp
|
||||
users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
|
||||
for u in users:
|
||||
li = [v.id, u.id]
|
||||
g.db.flush()
|
||||
existing = g.db.query(Alt).filter(Alt.user1.in_(li), Alt.user2.in_(li)).one_or_none()
|
||||
if existing: continue
|
||||
add_alt(user1=v.id, user2=u.id)
|
||||
|
||||
check_for_alts(v, include_current_session=True)
|
||||
g.db.add(v)
|
||||
return ''
|
||||
|
||||
@app.post("/toggle_pins/<hole>/<sort>")
|
||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||
def toggle_pins(hole, sort):
|
||||
|
|
|
|||
|
|
@ -124,8 +124,4 @@
|
|||
|
||||
<script defer src="{{'js/mobile_prompt.js' | asset}}"></script>
|
||||
{% endif %}
|
||||
|
||||
{% if FP and request.path == '/' and v and not v.fp %}
|
||||
<script defer src="{{'js/fp.js' | asset}}"></script>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
|
|
|
|||
Loading…
Reference in New Issue