249 lines
7.3 KiB
Python
249 lines
7.3 KiB
Python
import bleach
|
|
from bs4 import BeautifulSoup
|
|
from bleach.linkifier import LinkifyFilter
|
|
from urllib.parse import ParseResult, urlunparse, urlparse
|
|
from functools import partial
|
|
from .get import *
|
|
from os import path
|
|
|
|
site = environ.get("DOMAIN").strip()
|
|
|
|
_allowed_tags = tags = ['b',
|
|
'blockquote',
|
|
'br',
|
|
'code',
|
|
'del',
|
|
'em',
|
|
'h1',
|
|
'h2',
|
|
'h3',
|
|
'h4',
|
|
'h5',
|
|
'h6',
|
|
'hr',
|
|
'i',
|
|
'li',
|
|
'ol',
|
|
'p',
|
|
'pre',
|
|
'strong',
|
|
'sub',
|
|
'sup',
|
|
'table',
|
|
'tbody',
|
|
'th',
|
|
'thead',
|
|
'td',
|
|
'tr',
|
|
'ul',
|
|
'marquee',
|
|
'a',
|
|
'img',
|
|
'span',
|
|
]
|
|
|
|
no_images = ['b',
|
|
'blockquote',
|
|
'br',
|
|
'code',
|
|
'del',
|
|
'em',
|
|
'h1',
|
|
'h2',
|
|
'h3',
|
|
'h4',
|
|
'h5',
|
|
'h6',
|
|
'hr',
|
|
'i',
|
|
'li',
|
|
'ol',
|
|
'p',
|
|
'pre',
|
|
'strong',
|
|
'sub',
|
|
'sup',
|
|
'table',
|
|
'tbody',
|
|
'th',
|
|
'thead',
|
|
'td',
|
|
'tr',
|
|
'ul',
|
|
'marquee',
|
|
'a',
|
|
'span',
|
|
]
|
|
|
|
_allowed_attributes = {
|
|
'*': ['href', 'style', 'src', 'class', 'title', 'rel', 'data-original-name']
|
|
}
|
|
|
|
_allowed_protocols = [
|
|
'http',
|
|
'https'
|
|
]
|
|
|
|
_allowed_styles =[
|
|
'color',
|
|
'font-weight',
|
|
'margin-bottom'
|
|
]
|
|
|
|
# filter to make all links show domain on hover
|
|
|
|
def a_modify(attrs, whatever):
|
|
|
|
raw_url=attrs.get((None, "href"), None)
|
|
if raw_url:
|
|
parsed_url = urlparse(raw_url)
|
|
|
|
domain = parsed_url.netloc
|
|
attrs[(None, "target")] = "_blank"
|
|
if domain and not domain.endswith(domain):
|
|
attrs[(None, "rel")] = "nofollow noopener noreferrer"
|
|
|
|
# Force https for all external links in comments
|
|
# (Website already forces its own https)
|
|
new_url = ParseResult(scheme="https",
|
|
netloc=parsed_url.netloc,
|
|
path=parsed_url.path,
|
|
params=parsed_url.params,
|
|
query=parsed_url.query,
|
|
fragment=parsed_url.fragment)
|
|
|
|
attrs[(None, "href")] = urlunparse(new_url)
|
|
|
|
return attrs
|
|
|
|
|
|
def sanitize(sanitized, noimages=False):
|
|
|
|
sanitized = sanitized.replace("\ufeff", "").replace("m.youtube.com", "youtube.com")
|
|
|
|
for i in re.finditer('https://i.imgur.com/(([^_]*?)\.(jpg|png|jpeg))', sanitized):
|
|
sanitized = sanitized.replace(i.group(1), i.group(2) + "_d." + i.group(3) + "?maxwidth=9999")
|
|
|
|
if noimages:
|
|
sanitized = bleach.Cleaner(tags=no_images,
|
|
attributes=_allowed_attributes,
|
|
protocols=_allowed_protocols,
|
|
styles=_allowed_styles,
|
|
filters=[partial(LinkifyFilter,
|
|
skip_tags=["pre"],
|
|
parse_email=False,
|
|
callbacks=[a_modify]
|
|
)
|
|
]
|
|
).clean(sanitized)
|
|
else:
|
|
sanitized = bleach.Cleaner(tags=_allowed_tags,
|
|
attributes=_allowed_attributes,
|
|
protocols=_allowed_protocols,
|
|
styles=_allowed_styles,
|
|
filters=[partial(LinkifyFilter,
|
|
skip_tags=["pre"],
|
|
parse_email=False,
|
|
callbacks=[a_modify]
|
|
)
|
|
]
|
|
).clean(sanitized)
|
|
|
|
#soupify
|
|
soup = BeautifulSoup(sanitized, features="html.parser")
|
|
|
|
#img elements - embed
|
|
for tag in soup.find_all("img"):
|
|
|
|
url = tag.get("src", "")
|
|
if not url: continue
|
|
|
|
if "profile-pic-20" not in tag.get("class", ""):
|
|
#print(tag.get('class'))
|
|
# set classes and wrap in link
|
|
|
|
tag["rel"] = "nofollow noopener noreferrer"
|
|
tag["style"] = "max-height: 100px; max-width: 100%;"
|
|
tag["class"] = "in-comment-image rounded-sm my-2"
|
|
tag["loading"] = "lazy"
|
|
|
|
link = soup.new_tag("a")
|
|
link["href"] = tag["src"]
|
|
link["rel"] = "nofollow noopener noreferrer"
|
|
link["target"] = "_blank"
|
|
|
|
link["onclick"] = f"expandDesktopImage('{tag['src']}');"
|
|
link["data-toggle"] = "modal"
|
|
link["data-target"] = "#expandImageModal"
|
|
|
|
tag.wrap(link)
|
|
|
|
#disguised link preventer
|
|
for tag in soup.find_all("a"):
|
|
|
|
if re.match("https?://\S+", str(tag.string)):
|
|
try:
|
|
tag.string = tag["href"]
|
|
except:
|
|
tag.string = ""
|
|
|
|
#clean up tags in code
|
|
for tag in soup.find_all("code"):
|
|
tag.contents=[x.string for x in tag.contents if x.string]
|
|
|
|
#whatever else happens with images, there are only two sets of classes allowed
|
|
for tag in soup.find_all("img"):
|
|
if 'profile-pic-20' not in tag.attrs.get("class",""):
|
|
tag.attrs['class']="in-comment-image rounded-sm my-2"
|
|
|
|
#table format
|
|
for tag in soup.find_all("table"):
|
|
tag.attrs['class']="table table-striped"
|
|
|
|
for tag in soup.find_all("thead"):
|
|
tag.attrs['class']="bg-primary text-white"
|
|
|
|
|
|
sanitized = str(soup)
|
|
|
|
|
|
start = '<s>'
|
|
end = '</s>'
|
|
if start in sanitized and end in sanitized and start in sanitized.split(end)[0] and end in sanitized.split(start)[1]: sanitized = sanitized.replace(start, '<span class="spoiler">').replace(end, '</span>')
|
|
|
|
for i in re.finditer('<p>:([^ ]{1,30}?):</p>', sanitized):
|
|
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
|
|
sanitized = sanitized.replace(f'<p>:{i.group(1)}:</p>', f'<p><img loading="lazy" data-toggle="tooltip" title="{i.group(1)}" delay="0" height=60 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"</p>')
|
|
|
|
for i in re.finditer(':([^ ]{1,30}?):', sanitized):
|
|
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
|
|
sanitized = sanitized.replace(f':{i.group(1)}:', f'<img loading="lazy" data-toggle="tooltip" title="{i.group(1)}" delay="0" height=30 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
|
|
|
|
sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/watch?v=").replace("https://music.youtube.com/watch?v=", "https://youtube.com/watch?v=").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/watch?v=").replace("https://mobile.", "https://").replace("https://m.", "https://")
|
|
|
|
for i in re.finditer('" target="_blank">(https://youtube.com/watch\?v\=.*?)</a>', sanitized):
|
|
url = i.group(1)
|
|
replacing = f'<a href="{url}" target="_blank">{url}</a>'
|
|
htmlsource = f'<div style="padding-top:5px; padding-bottom: 10px;"><iframe frameborder="0" src="{url}?controls=0"></iframe></div>'
|
|
sanitized = sanitized.replace(replacing, htmlsource.replace("watch?v=", "embed/"))
|
|
|
|
for i in re.finditer('<a href="(https://streamable.com/e/.*?)"', sanitized):
|
|
url = i.group(1)
|
|
replacing = f'<a href="{url}" target="_blank">{url}</a>'
|
|
htmlsource = f'<div style="padding-top:5px; padding-bottom: 10px;"><iframe frameborder="0" src="{url}?controls=0"></iframe></div>'
|
|
sanitized = sanitized.replace(replacing, htmlsource)
|
|
|
|
for i in re.finditer('<a href="(https://open.spotify.com/embed/.*?)"', sanitized):
|
|
url = i.group(1)
|
|
replacing = f'<a href="{url}" target="_blank">{url}</a>'
|
|
htmlsource = f'<iframe src="{url}" width="100%" height="80" frameBorder="0" allowtransparency="true" allow="encrypted-media"></iframe>'
|
|
sanitized = sanitized.replace(replacing, htmlsource)
|
|
|
|
for rd in ["https://reddit.com/", "https://new.reddit.com/", "https://www.reddit.com/", "https://redd.it/"]:
|
|
sanitized = sanitized.replace(rd, "https://old.reddit.com/")
|
|
|
|
sanitized = re.sub(' (https:\/\/[^ <>]*)', r' <a target="_blank" rel="nofollow noopener noreferrer" href="\1">\1</a>', sanitized)
|
|
sanitized = re.sub('<p>(https:\/\/[^ <>]*)', r'<p><a target="_blank" rel="nofollow noopener noreferrer" href="\1">\1</a>', sanitized)
|
|
|
|
return sanitized
|