From d5bd3463e85cb299db49e75b54e278318652e676 Mon Sep 17 00:00:00 2001 From: justcool393 Date: Tue, 4 Oct 2022 14:09:25 -0700 Subject: [PATCH 1/6] disallow permanently banned users from untoggling NSFW can help i guess prevent abuse and creating a situation where dueling NSFW toggles have to be set --- files/routes/posts.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/files/routes/posts.py b/files/routes/posts.py index 2eb00167bf..826a9c8b5d 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -1112,6 +1112,9 @@ def toggle_comment_nsfw(cid, v): if comment.author_id != v.id and not v.admin_level > 1 and not (comment.post.sub and v.mods(comment.post.sub)): abort(403) + + if comment.over_18 and v.is_suspended_permanently: + abort(403) comment.over_18 = not comment.over_18 g.db.add(comment) @@ -1134,6 +1137,9 @@ def toggle_post_nsfw(pid, v): if post.author_id != v.id and not v.admin_level > 1 and not (post.sub and v.mods(post.sub)): abort(403) + + if post.over_18 and v.is_suspended_permanently: + abort(403) post.over_18 = not post.over_18 g.db.add(post) From 88c1f1b233db1a4fc344482d54740ddd04b1ecf2 Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Tue, 4 Oct 2022 23:31:23 +0200 Subject: [PATCH 2/6] improve fishylinks_regex --- files/helpers/regex.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/helpers/regex.py b/files/helpers/regex.py index 870908de36..0e32bac553 100644 --- a/files/helpers/regex.py +++ b/files/helpers/regex.py @@ -33,7 +33,7 @@ based_regex = re.compile("based and (.{1,20}?)(-| )pilled", flags=re.I|re.A) controversial_regex = re.compile('["> ](https:\/\/old\.reddit\.com/r/[a-zA-Z0-9_]{3,20}\/comments\/[\w\-.#&/=\?@%+]{5,250})["< ]', flags=re.A) -fishylinks_regex = re.compile("https?://\S+", flags=re.A) +fishylinks_regex = re.compile("https?[:։]\/\/\S+", flags=re.A) spoiler_regex = re.compile('''\|\|(.+)\|\|''', flags=re.A) reddit_regex = re.compile('(^|\s|

)\/?((r|u)\/(\w|-){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A) From 4c71bd6b5c4e9df685298b8ed18ca61b84349398 Mon Sep 17 00:00:00 2001 From: justcool393 Date: Tue, 4 Oct 2022 14:33:23 -0700 Subject: [PATCH 3/6] fake colon --- files/helpers/sanitize.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index 526e11d64b..763df3dabf 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -220,7 +220,7 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_marseys sanitized = strikethrough_regex.sub(r'\1\2', sanitized) - sanitized = sanitized.replace('‎','').replace('​','').replace("\ufeff", "").replace("𒐪","") + sanitized = sanitized.replace('‎','').replace('​','').replace("\ufeff", "").replace("𒐪","").replace("։", ":") sanitized = reddit_regex.sub(r'\1/\2', sanitized) sanitized = sub_regex.sub(r'\1/\2', sanitized) From 243cf4eaf87847264c02877fa3d5264ba50d98d1 Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Wed, 5 Oct 2022 00:19:50 +0200 Subject: [PATCH 4/6] Revert "improve fishylinks_regex" This reverts commit 88c1f1b233db1a4fc344482d54740ddd04b1ecf2. --- files/helpers/regex.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/helpers/regex.py b/files/helpers/regex.py index 0e32bac553..870908de36 100644 --- a/files/helpers/regex.py +++ b/files/helpers/regex.py @@ -33,7 +33,7 @@ based_regex = re.compile("based and (.{1,20}?)(-| )pilled", flags=re.I|re.A) controversial_regex = re.compile('["> ](https:\/\/old\.reddit\.com/r/[a-zA-Z0-9_]{3,20}\/comments\/[\w\-.#&/=\?@%+]{5,250})["< ]', flags=re.A) -fishylinks_regex = re.compile("https?[:։]\/\/\S+", flags=re.A) +fishylinks_regex = re.compile("https?://\S+", flags=re.A) spoiler_regex = re.compile('''\|\|(.+)\|\|''', flags=re.A) reddit_regex = re.compile('(^|\s|

)\/?((r|u)\/(\w|-){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A) From 947e362c00c2293f7a68b992f359c435baaa0bfe Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Wed, 5 Oct 2022 00:28:48 +0200 Subject: [PATCH 5/6] fix 3e58cf64ceb7a92e6df2e2e09d7c04b4df4d606a --- files/classes/comment.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/files/classes/comment.py b/files/classes/comment.py index f425226aff..0423a5d327 100644 --- a/files/classes/comment.py +++ b/files/classes/comment.py @@ -328,7 +328,8 @@ class Comment(Base): @lazy def realbody(self, v): - if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.parent_comment.author_id, self.top_comment.author_id, self.post.author_id])): return f"

{CC} ONLY

" + if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.post.author_id] or (self.parent_comment and v.id == self.parent_comment.author_id))): + return f"

{CC} ONLY

" body = self.body_html or "" @@ -392,7 +393,8 @@ class Comment(Base): @lazy def plainbody(self, v): - if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.parent_comment.author_id, self.top_comment.author_id, self.post.author_id])): return f"

{CC} ONLY

" + if self.post and self.post.club and not (v and (v.paid_dues or v.id in [self.author_id, self.post.author_id] or (self.parent_comment and v.id == self.parent_comment.author_id))): + return f"{CC} ONLY" body = self.body From f901d5af05473725c9cbe9cbc46fd6f9d2883696 Mon Sep 17 00:00:00 2001 From: justcool393 Date: Tue, 4 Oct 2022 15:29:00 -0700 Subject: [PATCH 6/6] show raw unicode codes instead of the actual characters --- files/helpers/sanitize.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index 763df3dabf..d6ec18c8a1 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -220,7 +220,7 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_marseys sanitized = strikethrough_regex.sub(r'\1\2', sanitized) - sanitized = sanitized.replace('‎','').replace('​','').replace("\ufeff", "").replace("𒐪","").replace("։", ":") + sanitized = sanitized.replace('\u200e','').replace('\u200b','').replace("\ufeff", "").replace("𒐪","").replace("\u0589", ":") sanitized = reddit_regex.sub(r'\1/\2', sanitized) sanitized = sub_regex.sub(r'\1/\2', sanitized)