chat: sanitize raw body
parent
f1bfb87243
commit
d1197bac82
|
@ -384,6 +384,7 @@ COMMENT_BODY_HTML_LENGTH_LIMIT = 20000 # do not make larger than 20000 character
|
||||||
COMMENT_MAX_DEPTH = 200
|
COMMENT_MAX_DEPTH = 200
|
||||||
TRANSFER_MESSAGE_LENGTH_LIMIT = 200 # do not make larger than 10000 characters (comment limit) without altering the table
|
TRANSFER_MESSAGE_LENGTH_LIMIT = 200 # do not make larger than 10000 characters (comment limit) without altering the table
|
||||||
MIN_REPOST_CHECK_URL_LENGTH = 9 # also change the constant in checkRepost() of submit.js
|
MIN_REPOST_CHECK_URL_LENGTH = 9 # also change the constant in checkRepost() of submit.js
|
||||||
|
CHAT_LENGTH_LIMIT = 1000
|
||||||
TRUESCORE_DONATE_LIMIT = 100
|
TRUESCORE_DONATE_LIMIT = 100
|
||||||
COSMETIC_AWARD_COIN_AWARD_PCT = 0.10
|
COSMETIC_AWARD_COIN_AWARD_PCT = 0.10
|
||||||
TRUESCORE_CHAT_LIMIT = 0
|
TRUESCORE_CHAT_LIMIT = 0
|
||||||
|
@ -485,6 +486,8 @@ if SITE == 'rdrama.net':
|
||||||
SNAPPY_THREAD = 37749
|
SNAPPY_THREAD = 37749
|
||||||
NOTIFICATION_THREAD = 6489
|
NOTIFICATION_THREAD = 6489
|
||||||
|
|
||||||
|
CHAT_LENGTH_LIMIT = 200
|
||||||
|
|
||||||
TRUESCORE_CHAT_LIMIT = 10
|
TRUESCORE_CHAT_LIMIT = 10
|
||||||
TRUESCORE_GHOST_LIMIT = 10
|
TRUESCORE_GHOST_LIMIT = 10
|
||||||
|
|
||||||
|
|
|
@ -59,14 +59,13 @@ def speak(data, v):
|
||||||
|
|
||||||
global messages, total
|
global messages, total
|
||||||
|
|
||||||
if SITE == 'rdrama.net': text = data['message'][:200].strip()
|
text = sanitize_raw_body(data['message'], False)[:CHAT_LENGTH_LIMIT]
|
||||||
else: text = data['message'][:1000].strip()
|
if not text: return '', 400
|
||||||
|
|
||||||
if not text: return '', 403
|
|
||||||
text_html = sanitize(text, count_marseys=True)
|
text_html = sanitize(text, count_marseys=True)
|
||||||
quotes = data['quotes']
|
quotes = data['quotes']
|
||||||
recipient = data['recipient']
|
recipient = data['recipient']
|
||||||
data={
|
data = {
|
||||||
"id": str(uuid.uuid4()),
|
"id": str(uuid.uuid4()),
|
||||||
"quotes": quotes,
|
"quotes": quotes,
|
||||||
"avatar": v.profile_url,
|
"avatar": v.profile_url,
|
||||||
|
|
Loading…
Reference in New Issue