diff --git a/blog.py b/blog.py
index a8dfcbaa8..9235b8e22 100644
--- a/blog.py
+++ b/blog.py
@@ -819,7 +819,8 @@ def htmlEditBlog(mediaInstance: bool, translate: {},
editBlogForm += \
' '
+ str(messageBoxHeight) + 'px" spellcheck="true">' + \
+ contentStr + ''
editBlogForm += dateAndLocation
if not mediaInstance:
editBlogForm += editBlogImageSection
diff --git a/content.py b/content.py
index bc3db29e6..bf22d7886 100644
--- a/content.py
+++ b/content.py
@@ -979,16 +979,21 @@ def saveMediaInFormPOST(mediaBytes, debug: bool,
return filename, attachmentMediaType
-def extractTextFieldsInPOST(postBytes, boundary, debug: bool) -> {}:
+def extractTextFieldsInPOST(postBytes, boundary, debug: bool,
+ unitTestData=None) -> {}:
"""Returns a dictionary containing the text fields of a http form POST
The boundary argument comes from the http header
"""
- msg = email.parser.BytesParser().parsebytes(postBytes)
+ if not unitTestData:
+ msgBytes = email.parser.BytesParser().parsebytes(postBytes)
+ messageFields = msgBytes.get_payload(decode=True).decode('utf-8')
+ else:
+ messageFields = unitTestData
+
if debug:
- print('DEBUG: POST arriving ' +
- msg.get_payload(decode=True).decode('utf-8'))
- messageFields = msg.get_payload(decode=True)
- messageFields = messageFields.decode('utf-8').split(boundary)
+ print('DEBUG: POST arriving ' + messageFields)
+
+ messageFields = messageFields.split(boundary)
fields = {}
# examine each section of the POST, separated by the boundary
for f in messageFields:
@@ -1002,7 +1007,8 @@ def extractTextFieldsInPOST(postBytes, boundary, debug: bool) -> {}:
postKey = postStr.split('"', 1)[0]
postValueStr = postStr.split('"', 1)[1]
if ';' in postValueStr:
- continue
+ if postKey != 'message':
+ continue
if '\r\n' not in postValueStr:
continue
postLines = postValueStr.split('\r\n')
diff --git a/daemon.py b/daemon.py
index 0cfd5a2ca..fd7aef23d 100644
--- a/daemon.py
+++ b/daemon.py
@@ -13792,6 +13792,7 @@ class PubServer(BaseHTTPRequestHandler):
"editblogpost", "newreminder", "newevent")
for currPostType in postTypes:
if not authorized:
+ print('POST was not authorized')
break
postRedirect = self.server.defaultTimeline
@@ -13805,6 +13806,7 @@ class PubServer(BaseHTTPRequestHandler):
callingDomain, cookie,
authorized)
if pageNumber:
+ print(currPostType + ' post received')
nickname = self.path.split('/users/')[1]
if '?' in nickname:
nickname = nickname.split('?')[0]
diff --git a/default_tos.txt b/default_tos.txt
index 176240893..b74391ab7 100644
--- a/default_tos.txt
+++ b/default_tos.txt
@@ -14,10 +14,16 @@
This instance will not host content containing sexism, racism, casteism, homophobia, transphobia, misogyny, antisemitism or other forms of bigotry or discrimination on the basis of nationality or immigration status. Claims that transgressions of this type were intended to be "ironic" will be treated as a terms of service violation.
+
Even if not conspicuously discriminatory, expressions of support for organizations with discrminatory agendas are not permitted on this instance. These include, but are not limited to, racial supremacist groups, the redpill/incel movement and anti-LGBT or anti-immigrant campaigns.
+
+
Depictions of injury, death or medical procedures are not permitted.
+
Violent or abusive content will be subject to moderation and is likely to be removed.
Content of a sexual nature may be published providing that only consenting adults (aged 18 or over) are depicted and an appropriate content warning message is added. Posting sexual content without a content warning is a terms of service violation. Sexual content is defined both as photographs of real people and also artistic or fictional depictions, edited/generated photos or narratives.
+
Moderators rely upon your reports. Don't assume that something of concern has already been reported. It's better for there to be duplicate reports than for something potentially damaging to go unreported.
+
Content found to be non-compliant with this policy will be removed and any accounts on this instance producing, repeating or linking to such content will be deleted typically without prior notification.
.'
+def testExtractTextFieldsInPOST():
+ print('testExtractTextFieldsInPOST')
+ boundary = '-----------------------------116202748023898664511855843036'
+ formData = '-----------------------------116202748023898664511855' + \
+ '843036\r\nContent-Disposition: form-data; name="submitPost"' + \
+ '\r\n\r\nSubmit\r\n-----------------------------116202748023' + \
+ '898664511855843036\r\nContent-Disposition: form-data; name=' + \
+ '"subject"\r\n\r\n\r\n-----------------------------116202748' + \
+ '023898664511855843036\r\nContent-Disposition: form-data; na' + \
+ 'me="message"\r\n\r\nThis is a ; test\r\n-------------------' + \
+ '----------116202748023898664511855843036\r\nContent-Disposi' + \
+ 'tion: form-data; name="commentsEnabled"\r\n\r\non\r\n------' + \
+ '-----------------------116202748023898664511855843036\r\nCo' + \
+ 'ntent-Disposition: form-data; name="eventDate"\r\n\r\n\r\n' + \
+ '-----------------------------116202748023898664511855843036' + \
+ '\r\nContent-Disposition: form-data; name="eventTime"\r\n\r' + \
+ '\n\r\n-----------------------------116202748023898664511855' + \
+ '843036\r\nContent-Disposition: form-data; name="location"' + \
+ '\r\n\r\n\r\n-----------------------------116202748023898664' + \
+ '511855843036\r\nContent-Disposition: form-data; name=' + \
+ '"imageDescription"\r\n\r\n\r\n-----------------------------' + \
+ '116202748023898664511855843036\r\nContent-Disposition: ' + \
+ 'form-data; name="attachpic"; filename=""\r\nContent-Type: ' + \
+ 'application/octet-stream\r\n\r\n\r\n----------------------' + \
+ '-------116202748023898664511855843036--\r\n'
+ debug = False
+ fields = extractTextFieldsInPOST(None, boundary, debug, formData)
+ assert fields['submitPost'] == 'Submit'
+ assert fields['subject'] == ''
+ assert fields['commentsEnabled'] == 'on'
+ assert fields['eventDate'] == ''
+ assert fields['eventTime'] == ''
+ assert fields['location'] == ''
+ assert fields['imageDescription'] == ''
+ assert fields['message'] == 'This is a ; test'
+
+
def runAllTests():
print('Running tests...')
testFunctions()
+ testExtractTextFieldsInPOST()
testMarkdownToHtml()
testValidHashTag()
testPrepareHtmlPostNickname()
diff --git a/theme/hacker/banner.txt b/theme/hacker/banner.txt
index db5cf9014..e26d52719 100644
--- a/theme/hacker/banner.txt
+++ b/theme/hacker/banner.txt
@@ -1,10 +1,6 @@
- 88888888888 88
- 88 ""
- 88
- 88aaaaa 8b,dPPYba, 88 ,adPPYba, 8b d8 ,adPPYba, 8b,dPPYba,
- 88""""" 88P' "8a 88 a8" "" `8b d8' a8" "8a 88P' `"8a
- 88 88 d8 88 8b `8b d8' 8b d8 88 88
- 88 88b, ,a8" 88 "8a, ,aa `8b,d8' "8a, ,a8" 88 88
- 88888888888 88`YbbdP"' 88 `"Ybbd8"' Y88' `"YbbdP"' 88 88
- 88 d8'
- 88 d8'
+ _____ __ _ __ _ _ E P I C Y O N
+ |_ _| /_/ | | /_/ _ __ ___ __ _ | |_ (_) __ _ _ _ ___
+ | | / _ \ | | / _ \ | '_ ` _ \ / _` | | __| | | / _` | | | | | / _ \
+ | | | __/ | | | __/ | | | | | | | (_| | | |_ | | | (_| | | |_| | | __/
+ |_| \___| |_| \___| |_| |_| |_| \__,_| \__| |_| \__, | \__,_| \___|
+ |_|
diff --git a/webapp_column_left.py b/webapp_column_left.py
index 598b53821..c83a02c21 100644
--- a/webapp_column_left.py
+++ b/webapp_column_left.py
@@ -401,7 +401,8 @@ def htmlEditLinks(cssCache: {}, translate: {}, baseDir: str, path: str,
translate['One link per line. Description followed by the link.'] + \
'