Check for invalid characters

main
Bob Mottram 2020-10-15 09:59:08 +01:00
parent d0d3d85108
commit 511f5cf192
2 changed files with 19 additions and 0 deletions

View File

@ -164,6 +164,7 @@ from shares import getSharesFeedForPerson
from shares import addShare
from shares import removeShare
from shares import expireShares
from utils import containsInvalidChars
from utils import isSystemAccount
from utils import setConfigParam
from utils import getConfigParam
@ -11759,6 +11760,11 @@ class PubServer(BaseHTTPRequestHandler):
self.server.POSTbusy = False
return
if containsInvalidChars(messageBytes.decode("utf-8")):
self._400()
self.server.POSTbusy = False
return
# convert the raw bytes to json
messageJson = json.loads(messageBytes)

View File

@ -273,6 +273,19 @@ def isEvil(domain: str) -> bool:
return False
def containsInvalidChars(jsonStr: str) -> bool:
"""Does the given json string contain invalid characters?
e.g. dubious clacks/admin dogwhistles
"""
invalidStrings = {
'', '', '', '', '', ''
}
for isInvalid in invalidStrings:
if isInvalid in jsonStr:
return True
return False
def createPersonDir(nickname: str, domain: str, baseDir: str,
dirname: str) -> str:
"""Create a directory for a person