indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check for dangerous markup in about text or ToS

main
Bob Mottram 2020-11-10 12:36:36 +00:00
parent 67ea679887
commit 3019846433
1 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
daemon.py
View File

@ -191,6 +191,7 @@ from utils import isSuspended
from manualapprove import manualDenyFollowRequest from manualapprove import manualDenyFollowRequest
from manualapprove import manualApproveFollowRequest from manualapprove import manualApproveFollowRequest
from announce import createAnnounce from announce import createAnnounce
from content import dangerousMarkup
from content import replaceEmojiFromTags from content import replaceEmojiFromTags
from content import addHtmlTags from content import addHtmlTags
from content import extractMediaInFormPOST from content import extractMediaInFormPOST
@ -2913,20 +2914,22 @@ class PubServer(BaseHTTPRequestHandler):
if nickname == adminNickname: if nickname == adminNickname:
if fields.get('editedAbout'): if fields.get('editedAbout'):
aboutStr = fields['editedAbout'] aboutStr = fields['editedAbout']
aboutFile = open(aboutFilename, "w+") if not dangerousMarkup(aboutStr):
if aboutFile: aboutFile = open(aboutFilename, "w+")
aboutFile.write(aboutStr) if aboutFile:
aboutFile.close() aboutFile.write(aboutStr)
aboutFile.close()
else: else:
if os.path.isfile(aboutFilename): if os.path.isfile(aboutFilename):
os.remove(aboutFilename) os.remove(aboutFilename)
if fields.get('editedTOS'): if fields.get('editedTOS'):
TOSStr = fields['editedTOS'] TOSStr = fields['editedTOS']
TOSFile = open(TOSFilename, "w+") if not dangerousMarkup(TOSStr):
if TOSFile: TOSFile = open(TOSFilename, "w+")
TOSFile.write(TOSStr) if TOSFile:
TOSFile.close() TOSFile.write(TOSStr)
TOSFile.close()
else: else:
if os.path.isfile(TOSFilename): if os.path.isfile(TOSFilename):
os.remove(TOSFilename) os.remove(TOSFilename)