mirror of https://gitlab.com/bashrc2/epicyon
Validation of published date on incoming posts
This mitigates replay attacks, where an otherwise valid post gets endlessly repeatedmain
parent
fcf94fdb93
commit
31a48db4a4
|
|
@ -22,7 +22,7 @@
|
||||||
</item>
|
</item>
|
||||||
<item>
|
<item>
|
||||||
<title>programming</title>
|
<title>programming</title>
|
||||||
<description>Easer cpp report programming css Python FrancisBacon2020 mixers release ada schutzstreifen rustlang ocaml program matrix uptronics solidarity hypocritcal profiles typescript forums publiccode FreeSoftware rocketchat early adventofcode scripting warn discord spyware git trevornoah copyright daretocare fedidev c sourcecode publiekecode framaforms WendyLPatrick grep django kingparrot Leiharbeit programmer haskell Tarifvertrag frgmntscnr github openrc tuskydev algorithms lisp forge pleaseshare HirsuteHippo resnetting libraries drivers javascript fragment cpm code elisp TeamFerment patterns html terminal rust sauerkraut request spiritbomb r dramasystem clojurescript ruby peppertop contractpatch computers racket python kabelfernsehen OpenSource Scheibenwischer</description>
|
<description>Easer cpp report programming css Python FrancisBacon2020 mixers release ada schutzstreifen rustlang ocaml program matrix uptronics profiles typescript forums publiccode FreeSoftware rocketchat early adventofcode scripting warn discord spyware git trevornoah copyright daretocare fedidev c sourcecode publiekecode framaforms WendyLPatrick grep django kingparrot Leiharbeit programmer haskell Tarifvertrag frgmntscnr github openrc tuskydev algorithms lisp forge pleaseshare HirsuteHippo resnetting libraries drivers javascript fragment cpm code elisp TeamFerment patterns html terminal rust sauerkraut request spiritbomb r dramasystem clojurescript ruby peppertop contractpatch computers racket python kabelfernsehen OpenSource Scheibenwischer</description>
|
||||||
<link/>
|
<link/>
|
||||||
<pubDate>Sun, 20 Dec 2020 20:57:26 UT</pubDate>
|
<pubDate>Sun, 20 Dec 2020 20:57:26 UT</pubDate>
|
||||||
</item>
|
</item>
|
||||||
|
|
@ -52,7 +52,7 @@
|
||||||
</item>
|
</item>
|
||||||
<item>
|
<item>
|
||||||
<title>politics</title>
|
<title>politics</title>
|
||||||
<description>TakeOurPowerBack cia community wageslavery immigration dissent liberation fascism techtuesday skyofmywindow freedomofspeech rojava humanrights leftists Socialism ukpol FreeKeithLamar copwatch capitalismkills petition BorisJohnson freedom abolitionnow anarchism DefundThePolice technews smalltech oilwars bjp ThirdRunway election sky_of_my_window generalstrike antipolitics digitalfreedom mayday hatespeech fascists burntheprisons cyberlaw peerproduction corporations iww commons corporatewatch wageslave frontex communism RemoveThePolice neoliberalism socialecology MutualAid capitalism technology prisons conspiracytheories KeirStarmer politics inclusivity anarchisme nzpol Bookchin brexit totalitarianism TyskySour Labour green BAME decolonizeyourmind surfaceworldblows ecofascism SocietalChange facialrecognition propaganda decolonization digitalrights polizei xp 18Source redandanarchistskinheads PritiPatel latestagecapitalism racist elections RussellMaroonShoatz white prisoners warrants policebrutality borisjohnson Anarchist press mutuality whitehouse freedomofexpression censorship decolonize decenterwhiteness Biden ChineseAppBan cooperative modi law deathtoamerica manipulation britpol Capitalism surveillancecapitalism leftist Revolution ukpolitics blacklivesmatter FreeAlabamaMovement rentstrike dsa techno migration mutualaid multipleexposure AbolishPrison fascist socialcoop anarchistprisoners polizeiproblem wordpress uselection IDPol ourstreets refugees acab freewestpapua tech</description>
|
<description>solidarity hypocritcal TakeOurPowerBack cia community wageslavery immigration dissent liberation fascism techtuesday skyofmywindow freedomofspeech rojava humanrights leftists Socialism ukpol FreeKeithLamar copwatch capitalismkills petition BorisJohnson freedom abolitionnow anarchism DefundThePolice technews smalltech oilwars bjp ThirdRunway election sky_of_my_window generalstrike antipolitics digitalfreedom mayday hatespeech fascists burntheprisons cyberlaw peerproduction corporations iww commons corporatewatch wageslave frontex communism RemoveThePolice neoliberalism socialecology MutualAid capitalism technology prisons conspiracytheories KeirStarmer politics inclusivity anarchisme nzpol Bookchin brexit totalitarianism TyskySour Labour green BAME decolonizeyourmind surfaceworldblows ecofascism SocietalChange facialrecognition propaganda decolonization digitalrights polizei xp 18Source redandanarchistskinheads PritiPatel latestagecapitalism racist elections RussellMaroonShoatz white prisoners warrants policebrutality borisjohnson Anarchist press mutuality whitehouse freedomofexpression censorship decolonize decenterwhiteness Biden ChineseAppBan cooperative modi law deathtoamerica manipulation britpol Capitalism surveillancecapitalism leftist Revolution ukpolitics blacklivesmatter FreeAlabamaMovement rentstrike dsa techno migration mutualaid multipleexposure AbolishPrison fascist socialcoop anarchistprisoners polizeiproblem wordpress uselection IDPol ourstreets refugees acab freewestpapua tech</description>
|
||||||
<link/>
|
<link/>
|
||||||
<pubDate>Sun, 20 Dec 2020 20:57:26 UT</pubDate>
|
<pubDate>Sun, 20 Dec 2020 20:57:26 UT</pubDate>
|
||||||
</item>
|
</item>
|
||||||
|
|
|
||||||
25
inbox.py
25
inbox.py
|
|
@ -71,6 +71,29 @@ from delete import removeOldHashtags
|
||||||
from follow import isFollowingActor
|
from follow import isFollowingActor
|
||||||
|
|
||||||
|
|
||||||
|
def validPostDate(published: str) -> bool:
|
||||||
|
"""Returns true if the published date is recent and is not in the future
|
||||||
|
"""
|
||||||
|
baselineTime = datetime.datetime(1970, 1, 1)
|
||||||
|
|
||||||
|
daysDiff = datetime.datetime.utcnow() - baselineTime
|
||||||
|
nowDaysSinceEpoch = daysDiff.days
|
||||||
|
|
||||||
|
postTimeObject = \
|
||||||
|
datetime.datetime.strptime(published, "%Y-%m-%dT%H:%M:%SZ")
|
||||||
|
daysDiff = postTimeObject - baselineTime
|
||||||
|
postDaysSinceEpoch = daysDiff.days
|
||||||
|
|
||||||
|
if postDaysSinceEpoch > nowDaysSinceEpoch:
|
||||||
|
print("Inbox post has a published date in the future!")
|
||||||
|
return False
|
||||||
|
|
||||||
|
if nowDaysSinceEpoch - postDaysSinceEpoch > 3:
|
||||||
|
print("Inbox post is not recent enough")
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
def guessHashtagCategory(tagName: str, hashtagCategories: {}) -> str:
|
def guessHashtagCategory(tagName: str, hashtagCategories: {}) -> str:
|
||||||
"""Tries to guess a category for the given hashtag.
|
"""Tries to guess a category for the given hashtag.
|
||||||
This works by trying to find the longest similar hashtag
|
This works by trying to find the longest similar hashtag
|
||||||
|
|
@ -1611,6 +1634,8 @@ def validPostContent(baseDir: str, nickname: str, domain: str,
|
||||||
return False
|
return False
|
||||||
if 'Z' not in messageJson['object']['published']:
|
if 'Z' not in messageJson['object']['published']:
|
||||||
return False
|
return False
|
||||||
|
if not validPostDate(messageJson['object']['published']):
|
||||||
|
return False
|
||||||
|
|
||||||
if messageJson['object'].get('summary'):
|
if messageJson['object'].get('summary'):
|
||||||
summary = messageJson['object']['summary']
|
summary = messageJson['object']['summary']
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue