indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Exclude code from markup, unless it is a git patch

main
Bob Mottram 2021-09-19 10:03:19 +01:00
parent 443c9599bf
commit 418897b7ce
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
inbox.py
View File

@ -1870,6 +1870,7 @@ def _validPostContent(baseDir: str, nickname: str, domain: str,
print('WARN: invalid content warning ' + summary) print('WARN: invalid content warning ' + summary)
return False return False
# check for patches before dangeousMarkup, which excludes code
if isGitPatch(baseDir, nickname, domain, if isGitPatch(baseDir, nickname, domain,
messageJson['object']['type'], messageJson['object']['type'],
summary, summary,

2
utils.py
View File

@ -859,7 +859,7 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
""" """
separators = [['<', '>'], ['&lt;', '&gt;']] separators = [['<', '>'], ['&lt;', '&gt;']]
invalidStrings = [ invalidStrings = [
'script', 'noscript', 'script', 'noscript', 'code',
'canvas', 'style', 'abbr', 'canvas', 'style', 'abbr',
'frame', 'iframe', 'html', 'body', 'frame', 'iframe', 'html', 'body',
'hr', 'allow-popups', 'allow-scripts' 'hr', 'allow-popups', 'allow-scripts'