indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Different check for links within summary for person objects

merge-requests/30/head
Bob Mottram 2023-06-26 11:36:30 +01:00
parent 2d8e7dfc67
commit 9b1f5ad080
1 changed files with 27 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
daemon.py
View File

@ -2053,21 +2053,33 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False self.server.postreq_busy = False
return 3 return 3
# check that the summary does not contain links # check that the summary does not contain links
if message_json['object'].get('summary'): if message_json['object'].get('type') and \
if len(message_json['object']['summary']) > 1024: message_json['object'].get('summary'):
print('INBOX: summary is too long ' + if message_json['object']['type'] != 'Person' and \
message_json['actor'] + ' ' + message_json['object']['type'] != 'Application' and \
message_json['object']['summary']) message_json['object']['type'] != 'Group':
self._400() if len(message_json['object']['summary']) > 1024:
self.server.postreq_busy = False print('INBOX: summary is too long ' +
return 3 message_json['actor'] + ' ' +
if '://' in message_json['object']['summary']: message_json['object']['summary'])
print('INBOX: summary should not contain links ' + self._400()
message_json['actor'] + ' ' + self.server.postreq_busy = False
message_json['object']['summary']) return 3
self._400() if '://' in message_json['object']['summary']:
self.server.postreq_busy = False print('INBOX: summary should not contain links ' +
return 3 message_json['actor'] + ' ' +
message_json['object']['summary'])
self._400()
self.server.postreq_busy = False
return 3
else:
if len(message_json['object']['summary']) > 4096:
print('INBOX: person summary is too long ' +
message_json['actor'] + ' ' +
message_json['object']['summary'])
self._400()
self.server.postreq_busy = False
return 3
# if this is a local only post, is it really local? # if this is a local only post, is it really local?
if 'localOnly' in message_json['object'] and \ if 'localOnly' in message_json['object'] and \
message_json['object'].get('to') and \ message_json['object'].get('to') and \