indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Merge branch 'main' of gitlab.com:bashrc2/epicyon

merge-requests/30/head
Bob Mottram 2022-07-10 23:24:59 +01:00
parent e4321d0cd7 712beebcb8
commit 571d1e5944
3 changed files with 251 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
content.py
View File

@ -1479,6 +1479,11 @@ def extract_text_fields_in_post(post_bytes, boundary: str, debug: bool,
"""Returns a dictionary containing the text fields of a http form POST
The boundary argument comes from the http header
"""
if boundary == 'LYNX':
if debug:
print('POST from lynx browser')
boundary = '--LYNX'
if not unit_test_data:
msg_bytes = email.parser.BytesParser().parsebytes(post_bytes)
message_fields = msg_bytes.get_payload(decode=True).decode('utf-8')
@ -1486,6 +1491,7 @@ def extract_text_fields_in_post(post_bytes, boundary: str, debug: bool,
message_fields = unit_test_data
if debug:
if 'password' not in message_fields:
print('DEBUG: POST arriving ' + message_fields)
message_fields = message_fields.split(boundary)
@ -1495,6 +1501,10 @@ def extract_text_fields_in_post(post_bytes, boundary: str, debug: bool,
'instanceDescription', 'instanceDescriptionShort',
'subject', 'location', 'imageDescription'
)
if debug:
if 'password' not in message_fields:
print('DEBUG: POST message_fields: ' + str(message_fields))
lynx_content_type = 'Content-Type: text/plain; charset=utf-8\r\n'
# examine each section of the POST, separated by the boundary
for fld in message_fields:
if fld == '--':
@ -1505,14 +1515,30 @@ def extract_text_fields_in_post(post_bytes, boundary: str, debug: bool,
if '"' not in post_str:
continue
post_key = post_str.split('"', 1)[0]
if debug:
print('post_key: ' + post_key)
post_value_str = post_str.split('"', 1)[1]
if boundary == '--LYNX':
post_value_str = \
post_value_str.replace(lynx_content_type, '')
if debug and 'password' not in post_key:
print('boundary: ' + boundary)
print('post_value_str1: ' + post_value_str)
if ';' in post_value_str:
if post_key not in fields_with_semicolon_allowed and \
not post_key.startswith('edited'):
if debug:
print('extract_text_fields_in_post exit 1')
continue
if debug and 'password' not in post_key:
print('post_value_str2: ' + post_value_str)
if '\r\n' not in post_value_str:
if debug:
print('extract_text_fields_in_post exit 2')
continue
post_lines = post_value_str.split('\r\n')
if debug and 'password' not in post_key:
print('post_lines: ' + str(post_lines))
post_value = ''
if len(post_lines) > 2:
for line in range(2, len(post_lines)-1):

40
daemon.py
View File

@ -4739,6 +4739,8 @@ class PubServer(BaseHTTPRequestHandler):
users_path = path.replace('/linksdata', '')
users_path = users_path.replace('/editlinks', '')
actor_str = self._get_instance_url(calling_domain) + users_path
boundary = None
if ' boundary=' in self.headers['Content-type']:
boundary = self.headers['Content-type'].split('boundary=')[1]
if ';' in boundary:
@ -4758,6 +4760,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if self.headers.get('Content-length'):
length = int(self.headers['Content-length'])
# check that the POST isn't too large
@ -4793,6 +4796,11 @@ class PubServer(BaseHTTPRequestHandler):
tos_filename = base_dir + '/accounts/tos.md'
specification_filename = base_dir + '/accounts/activitypub.md'
if not boundary:
if b'--LYNX' in post_bytes:
boundary = '--LYNX'
if boundary:
# extract all of the text fields into a dict
fields = \
extract_text_fields_in_post(post_bytes, boundary, debug)
@ -4918,6 +4926,8 @@ class PubServer(BaseHTTPRequestHandler):
users_path = users_path.split('/tags/')[0]
actor_str = self._get_instance_url(calling_domain) + users_path
tag_screen_str = actor_str + '/tags/' + hashtag
boundary = None
if ' boundary=' in self.headers['Content-type']:
boundary = self.headers['Content-type'].split('boundary=')[1]
if ';' in boundary:
@ -4937,6 +4947,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if self.headers.get('Content-length'):
length = int(self.headers['Content-length'])
# check that the POST isn't too large
@ -4967,6 +4978,11 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if not boundary:
if b'--LYNX' in post_bytes:
boundary = '--LYNX'
if boundary:
# extract all of the text fields into a dict
fields = \
extract_text_fields_in_post(post_bytes, boundary, debug)
@ -5000,6 +5016,8 @@ class PubServer(BaseHTTPRequestHandler):
users_path = path.replace('/newswiredata', '')
users_path = users_path.replace('/editnewswire', '')
actor_str = self._get_instance_url(calling_domain) + users_path
boundary = None
if ' boundary=' in self.headers['Content-type']:
boundary = self.headers['Content-type'].split('boundary=')[1]
if ';' in boundary:
@ -5019,6 +5037,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if self.headers.get('Content-length'):
length = int(self.headers['Content-length'])
# check that the POST isn't too large
@ -5051,6 +5070,11 @@ class PubServer(BaseHTTPRequestHandler):
newswire_filename = base_dir + '/accounts/newswire.txt'
if not boundary:
if b'--LYNX' in post_bytes:
boundary = '--LYNX'
if boundary:
# extract all of the text fields into a dict
fields = \
extract_text_fields_in_post(post_bytes, boundary, debug)
@ -5269,6 +5293,8 @@ class PubServer(BaseHTTPRequestHandler):
users_path = path.replace('/newseditdata', '')
users_path = users_path.replace('/editnewspost', '')
actor_str = self._get_instance_url(calling_domain) + users_path
boundary = None
if ' boundary=' in self.headers['Content-type']:
boundary = self.headers['Content-type'].split('boundary=')[1]
if ';' in boundary:
@ -5293,6 +5319,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if self.headers.get('Content-length'):
length = int(self.headers['Content-length'])
# check that the POST isn't too large
@ -5328,6 +5355,11 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if not boundary:
if b'--LYNX' in post_bytes:
boundary = '--LYNX'
if boundary:
# extract all of the text fields into a dict
fields = \
extract_text_fields_in_post(post_bytes, boundary, debug)
@ -5409,6 +5441,8 @@ class PubServer(BaseHTTPRequestHandler):
users_path = path.replace('/profiledata', '')
users_path = users_path.replace('/editprofile', '')
actor_str = self._get_instance_url(calling_domain) + users_path
boundary = None
if ' boundary=' in self.headers['Content-type']:
boundary = self.headers['Content-type'].split('boundary=')[1]
if ';' in boundary:
@ -5422,6 +5456,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
if self.headers.get('Content-length'):
length = int(self.headers['Content-length'])
# check that the POST isn't too large
@ -5455,6 +5490,11 @@ class PubServer(BaseHTTPRequestHandler):
admin_nickname = get_config_param(self.server.base_dir, 'admin')
if not boundary:
if b'--LYNX' in post_bytes:
boundary = '--LYNX'
if boundary:
# get the various avatar, banner and background images
actor_changed = True
profile_media_types = (

14
tests.py
View File

@ -5818,6 +5818,20 @@ def _test_markdown_to_html():
def _test_extract_text_fields_from_post():
print('test_extract_text_fields_in_post')
boundary = '--LYNX'
form_data = '--LYNX\r\nContent-Disposition: form-data; ' + \
'name="fieldName"\r\nContent-Type: text/plain; ' + \
'charset=utf-8\r\n\r\nThis is a lynx test\r\n' + \
'--LYNX\r\nContent-Disposition: ' + \
'form-data; name="submitYes"\r\nContent-Type: text/plain; ' + \
'charset=utf-8\r\n\r\nBUTTON\r\n--LYNX--\r\n'
debug = True
fields = extract_text_fields_in_post(None, boundary, debug, form_data)
print('fields: ' + str(fields))
assert fields
assert fields['fieldName'] == 'This is a lynx test'
assert fields['submitYes'] == 'BUTTON'
boundary = '-----------------------------116202748023898664511855843036'
form_data = '-----------------------------116202748023898664511855' + \
'843036\r\nContent-Disposition: form-data; name="submitPost"' + \