From 7c462bc17f287222acba38590537f713bdf2eb94 Mon Sep 17 00:00:00 2001 From: Aevann Date: Sat, 29 Jul 2023 22:13:37 +0300 Subject: [PATCH] remove a bunch of unnecessary/confusing garbage --- files/helpers/sanitize.py | 24 +++++------------------- files/routes/chat.py | 2 +- files/routes/comments.py | 6 ++++-- files/routes/posts.py | 14 ++++++++++---- files/routes/users.py | 6 ++++-- 5 files changed, 24 insertions(+), 28 deletions(-) diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index 7be3abf4f..ff1b5da43 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -294,20 +294,7 @@ def remove_cuniform(sanitized:Optional[str]) -> str: sanitized = sanitized.replace('\u200e','').replace('\u200b','').replace('\u202e','').replace("\ufeff", "") sanitized = sanitized.replace("𒐪","").replace("𒐫","").replace("﷽","") sanitized = sanitized.replace("\r\n", "\n") - return sanitized - -def sanitize_raw_title(sanitized:Optional[str]) -> str: - if not sanitized: return "" - sanitized = sanitized.replace("\r","").replace("\n", "") - sanitized = remove_cuniform(sanitized).strip() - return sanitized[:POST_TITLE_LENGTH_LIMIT] - -def sanitize_raw_body(sanitized:Optional[str], is_post:bool) -> str: - if not sanitized: return "" - sanitized = html_comment_regex.sub('', sanitized) - sanitized = remove_cuniform(sanitized).strip() - return sanitized[:POST_BODY_LENGTH_LIMIT(g.v) if is_post else COMMENT_BODY_LENGTH_LIMIT] - + return sanitized.strip() def sanitize_settings_text(sanitized:Optional[str], max_length:Optional[int]=None) -> str: if not sanitized: return "" @@ -364,7 +351,9 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=False, count_emojis else: abort(403, error) - sanitized = sanitized.strip() + sanitized = html_comment_regex.sub('', sanitized) + sanitized = remove_cuniform(sanitized) + if not sanitized: return '' if FEATURES['PING_GROUPS']: @@ -643,15 +632,12 @@ def allowed_attributes_emojis(tag, name, value): @with_sigalrm_timeout(1) -def filter_emojis_only(title, golden=True, count_emojis=False, graceful=False, strip=True): +def filter_emojis_only(title, golden=True, count_emojis=False, graceful=False): title = title.replace("\n", "").replace("\r", "").replace("\t", "").replace('<','<').replace('>','>') title = remove_cuniform(title) - if strip: - title = title.strip() - emojis_used = set() title = render_emoji(title, emoji_regex2, golden, emojis_used, is_title=True) diff --git a/files/routes/chat.py b/files/routes/chat.py index b3161f043..01f280fc0 100644 --- a/files/routes/chat.py +++ b/files/routes/chat.py @@ -84,7 +84,7 @@ def speak(data, v): global messages - text = sanitize_raw_body(data['message'], False)[:CHAT_LENGTH_LIMIT] + text = data['message'][:CHAT_LENGTH_LIMIT] if image: text += f'\n\n{image}' if not text: return '', 400 diff --git a/files/routes/comments.py b/files/routes/comments.py index 7a320ffe9..0842211c1 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -152,7 +152,8 @@ def comment(v:User): if level > COMMENT_MAX_DEPTH: abort(400, f"Max comment level is {COMMENT_MAX_DEPTH}") - body = sanitize_raw_body(request.values.get("body", ""), False) + body = request.values.get("body", "") + body = body[:COMMENT_BODY_LENGTH_LIMIT] if not posting_to_post or post_target.id not in ADMIGGER_THREADS: if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')): @@ -612,7 +613,8 @@ def edit_comment(cid, v): if not c.parent_post and not c.wall_user_id: abort(403) - body = sanitize_raw_body(request.values.get("body", ""), False) + body = request.values.get("body", "") + body = body[:COMMENT_BODY_LENGTH_LIMIT] if len(body) < 1 and not (request.files.get("file") and not g.is_tor): abort(400, "You have to actually type something!") diff --git a/files/routes/posts.py b/files/routes/posts.py index f3f231abf..4e590fe3d 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -464,8 +464,11 @@ def submit_post(v:User, sub=None): if '\\' in url: abort(400) - title = sanitize_raw_title(request.values.get("title", "")) - body = sanitize_raw_body(request.values.get("body", ""), True) + title = request.values.get("title", "") + title = title[:POST_TITLE_LENGTH_LIMIT] + + body = request.values.get("body", "") + body = body[:POST_BODY_LENGTH_LIMIT(g.v)] post_ping_group_count = len(list(group_mention_regex.finditer(body))) @@ -1038,8 +1041,11 @@ def edit_post(pid, v): and v.admin_level < PERMS["IGNORE_1WEEk_EDITING_LIMIT"] and v.id not in EXEMPT_FROM_1WEEK_EDITING_LIMIT: abort(403, "You can't edit posts older than 1 week!") - title = sanitize_raw_title(request.values.get("title", "")) - body = sanitize_raw_body(request.values.get("body", ""), True) + title = request.values.get("title", "") + title = title[:POST_TITLE_LENGTH_LIMIT] + + body = request.values.get("body", "") + body = body[:POST_BODY_LENGTH_LIMIT(g.v)] if v.id == p.author_id: if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')): diff --git a/files/routes/users.py b/files/routes/users.py index 010d3806b..84dff6551 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -622,7 +622,8 @@ def message2(v, username=None, id=None): if v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS'] and hasattr(user, 'is_blocked') and user.is_blocked: abort(403, f"@{user.username} is blocking you!") - body = sanitize_raw_body(request.values.get("message"), False) + body = request.values.get("message", "") + body = body[:COMMENT_BODY_LENGTH_LIMIT] if not g.is_tor and get_setting("dm_media"): body = process_files(request.files, v, body, is_dm=True, dm_user=user) @@ -677,7 +678,8 @@ def message2(v, username=None, id=None): @limiter.limit("6/minute;50/hour;200/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID) @auth_required def messagereply(v:User): - body = sanitize_raw_body(request.values.get("body"), False) + body = request.values.get("body", "") + body = body[:COMMENT_BODY_LENGTH_LIMIT] id = request.values.get("parent_id") parent = get_comment(id, v=v)