Merge branch 'main' of gitlab.com:bashrc2/epicyon

2022-11-09 18:18:52 +00:00 · 2022-11-09 18:18:52 +00:00 · 11ff873705
parent 0ba5dab646 fad7a0dd6a
commit 11ff873705
6 changed files with 67 additions and 13 deletions
--- a/manual/manual-verified-website.jpg
+++ b/manual/manual-verified-website.jpg
--- a/manual/manual.epub
+++ b/manual/manual.epub
--- a/manual/manual.html
+++ b/manual/manual.html
@ -417,6 +417,23 @@ confident in an erroneous conclusion. Setting a city somewhere near to
 your <a href="https://en.wikipedia.org/wiki/Time_zone">time zone</a> is
 preferable, so that it matches your typical pattern of daily posting
 activity without giving away your real location.</p>
+<h3 id="verifying-your-website-or-blog">Verifying your website or
+blog</h3>
+<p>It is possible to indicate that a website of blog belongs to you by
+linking it to your profile screen. Within the <em>head</em> html section
+of your website or blog index page include a line similar to:</p>
+<div class="sourceCode" id="cb18"><pre
+class="sourceCode html"><code class="sourceCode html"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="kw">&lt;link</span> <span class="er">rel</span><span class="ot">=</span><span class="st">&quot;me&quot;</span> <span class="er">href</span><span class="ot">=</span><span class="st">&quot;https://YourEpicyonDomain/@YourNickname&quot;</span> <span class="kw">/&gt;</span></span></code></pre></div>
+<p>If you edit and then publish your profile, with the <em>website</em>
+and/or <em>blog</em> fields completed then if the above link is found
+your sites will be indicated to be verified on your profile screen. When
+verified they will appear in green with a tick.</p>
+<figure>
+<img src="manual-verified-website.jpg"
+alt="Profile screen showing verified website" />
+<figcaption aria-hidden="true">Profile screen showing verified
+website</figcaption>
+</figure>
 <h2 id="roles">Roles</h2>
 <p>If you are the administrator then within your profile settings you
 can also specify roles for other accounts on the instance. A small
--- a/manual/manual.md
+++ b/manual/manual.md
@ -338,6 +338,15 @@ If you want to block particular fediverse accounts or instances then you can ent
 ### Geolocation spoofing
 Within the *filtering and blocking* section you can also set a city which will be used for geolocation spoofing. When you post a photo, instead of removing all metadata spoofed metadata will be added in order to consistently fool the machine learning systems behind web crawlers or scrapers, and create a [confirmation bias](https://en.wikipedia.org/wiki/Confirmation_bias) effect where the surveillance systems become increasingly confident in an erroneous conclusion. Setting a city somewhere near to your [time zone](https://en.wikipedia.org/wiki/Time_zone) is preferable, so that it matches your typical pattern of daily posting activity without giving away your real location.

+### Verifying your website or blog
+It is possible to indicate that a website of blog belongs to you by linking it to your profile screen. Within the *head* html section of your website or blog index page include a line similar to:
+``` html
+<link rel="me" href="https://YourEpicyonDomain/@YourNickname" />
+```
+If you edit and then publish your profile, with the *website* and/or *blog* fields completed then if the above link is found your sites will be indicated to be verified on your profile screen. When verified they will appear in green with a tick.
+
+![Profile screen showing verified website](manual-verified-website.jpg)
+
 ## Roles
 If you are the administrator then within your profile settings you can also specify roles for other accounts on the instance. A small instance is like a ship with the roles being crew positions, and all members of the crew need to work together to keep the ship afloat. The current roles are:

--- a/markdown.py
+++ b/markdown.py
@ -275,6 +275,14 @@ def _markdown_replace_code(markdown: str) -> str:
    line_ctr = 0
    changed = False
    section_active = False
+    urlencode = False
+    html_escape_table = {
+        "&": "&amp;",
+        '"': "&quot;",
+        "'": "&apos;",
+        ">": "&gt;",
+        "<": "&lt;"
+    }
    for line in lines:
        if not line.strip():
            # skip blank lines
@ -282,13 +290,23 @@ def _markdown_replace_code(markdown: str) -> str:
            continue
        if line.startswith('```'):
            if not section_active:
+                if 'html' in line or 'xml' in line or 'rdf' in line:
+                    urlencode = True
                start_line = line_ctr
                section_active = True
            else:
                lines[start_line] = '<code>'
                lines[line_ctr] = '</code>'
+                if urlencode:
+                    lines[start_line] = '<pre>\n<code>'
+                    lines[line_ctr] = '</code>\n</pre>'
+                for line_num in range(start_line + 1, line_ctr):
+                    lines[line_num] = \
+                        "".join(html_escape_table.get(char, char)
+                                for char in lines[line_num])
                section_active = False
                changed = True
+                urlencode = False
        line_ctr += 1

    if not changed:
--- a/session.py
+++ b/session.py
@ -405,12 +405,22 @@ def verify_html(session, url: str, debug: bool,
            actor = 'http://' + actor
        else:
            actor = http_prefix + '://' + actor
+
+        # double quotes
        link_str = ' rel="me" href="' + actor + '"'
        if link_str in verification_site_html:
            return True
        link_str = ' href="' + actor + '" rel="me"'
        if link_str in verification_site_html:
            return True
+
+        # single quotes
+        link_str = " rel=\"me\" href='" + actor + "'"
+        if link_str in verification_site_html:
+            return True
+        link_str = " href='" + actor + "' rel=\"me\""
+        if link_str in verification_site_html:
+            return True
    return False