mirror of https://gitlab.com/bashrc2/epicyon
Check for invalid characters
parent
d0d3d85108
commit
511f5cf192
|
@ -164,6 +164,7 @@ from shares import getSharesFeedForPerson
|
|||
from shares import addShare
|
||||
from shares import removeShare
|
||||
from shares import expireShares
|
||||
from utils import containsInvalidChars
|
||||
from utils import isSystemAccount
|
||||
from utils import setConfigParam
|
||||
from utils import getConfigParam
|
||||
|
@ -11759,6 +11760,11 @@ class PubServer(BaseHTTPRequestHandler):
|
|||
self.server.POSTbusy = False
|
||||
return
|
||||
|
||||
if containsInvalidChars(messageBytes.decode("utf-8")):
|
||||
self._400()
|
||||
self.server.POSTbusy = False
|
||||
return
|
||||
|
||||
# convert the raw bytes to json
|
||||
messageJson = json.loads(messageBytes)
|
||||
|
||||
|
|
13
utils.py
13
utils.py
|
@ -273,6 +273,19 @@ def isEvil(domain: str) -> bool:
|
|||
return False
|
||||
|
||||
|
||||
def containsInvalidChars(jsonStr: str) -> bool:
|
||||
"""Does the given json string contain invalid characters?
|
||||
e.g. dubious clacks/admin dogwhistles
|
||||
"""
|
||||
invalidStrings = {
|
||||
'卐', '卍', '࿕', '࿖', '࿗', '࿘'
|
||||
}
|
||||
for isInvalid in invalidStrings:
|
||||
if isInvalid in jsonStr:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
def createPersonDir(nickname: str, domain: str, baseDir: str,
|
||||
dirname: str) -> str:
|
||||
"""Create a directory for a person
|
||||
|
|
Loading…
Reference in New Issue