indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Merge branch 'main' of gitlab.com:bashrc2/epicyon

merge-requests/30/head
Bob Mottram 2022-09-09 19:01:31 +01:00
parent de0795af4a 48db4f58a4
commit cd5570e366
9 changed files with 178 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
daemon.py
View File

@ -2801,8 +2801,9 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = options_confirm_params.split('pageNumber=')[1]
if '&' in page_number_str:
page_number_str = page_number_str.split('&')[0]
if page_number_str.isdigit():
page_number = int(page_number_str)
if len(page_number_str) < 5:
if page_number_str.isdigit():
page_number = int(page_number_str)
# actor for the person
options_actor = options_confirm_params.split('actor=')[1]
@ -3887,6 +3888,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('/searchhandle?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
path = path.split('?page=')[0]
@ -4442,6 +4445,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
path = path.split('?page=')[0]
@ -4765,6 +4770,8 @@ class PubServer(BaseHTTPRequestHandler):
remove_post_confirm_params.split('pageNumber=')[1]
if '&' in page_number_str:
page_number_str = page_number_str.split('&')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
year_str = None
@ -4798,7 +4805,10 @@ class PubServer(BaseHTTPRequestHandler):
get_nickname_from_actor(remove_post_actor)
if self.post_to_nickname:
if month_str and year_str:
if month_str.isdigit() and year_str.isdigit():
if len(month_str) <= 3 and \
len(year_str) <= 3 and \
month_str.isdigit() and \
year_str.isdigit():
year_int = int(year_str)
month_int = int(month_str)
remove_calendar_event(base_dir,
@ -7901,6 +7911,8 @@ class PubServer(BaseHTTPRequestHandler):
options_profile_url = \
'/users/' + options_profile_url + '/avatar.' + ext
back_to_path = 'moderation'
if len(options_page_number) > 5:
options_page_number = "1"
if options_page_number.isdigit():
page_number = int(options_page_number)
options_link = None
@ -8401,6 +8413,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
hashtag = path.split('/tags/')[1]
@ -8563,6 +8577,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -8743,6 +8759,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9093,6 +9111,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9287,6 +9307,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9472,6 +9494,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9686,6 +9710,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9885,6 +9911,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -9989,6 +10017,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -10136,6 +10166,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
timeline_str = 'inbox'
@ -10278,6 +10310,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
delete_url = path.split('?delete=')[1]
@ -10400,6 +10434,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
actor = \
@ -10526,6 +10562,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
actor = \
@ -11629,7 +11667,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_feed = \
person_box_json(recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -11653,6 +11690,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -11661,7 +11700,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_feed = \
person_box_json(recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -11804,7 +11842,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_dm_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -11822,6 +11859,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -11830,7 +11869,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_dm_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -11963,7 +12001,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_replies_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -11982,6 +12019,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -11990,7 +12029,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_replies_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12121,7 +12159,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_media_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12140,6 +12177,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12148,7 +12187,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_media_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12276,7 +12314,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_blogs_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12295,6 +12332,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12303,7 +12342,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_blogs_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12432,7 +12470,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_news_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12452,6 +12489,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12462,7 +12501,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_news_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12594,7 +12632,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
inbox_features_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12614,6 +12651,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12624,7 +12663,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
inbox_features_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12765,6 +12803,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12858,6 +12898,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12946,7 +12988,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
bookmarks_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -12965,6 +13006,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -12973,7 +13016,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
bookmarks_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -13105,7 +13147,6 @@ class PubServer(BaseHTTPRequestHandler):
# get outbox feed for a person
outbox_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir, domain, port, path,
http_prefix, MAX_POSTS_IN_FEED, 'outbox',
authorized,
@ -13119,6 +13160,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -13131,7 +13174,6 @@ class PubServer(BaseHTTPRequestHandler):
page_str = '?page=' + str(page_number)
outbox_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir, domain, port,
path + page_str,
http_prefix,
@ -13242,7 +13284,6 @@ class PubServer(BaseHTTPRequestHandler):
if authorized:
moderation_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -13260,6 +13301,8 @@ class PubServer(BaseHTTPRequestHandler):
if '?page=' in nickname:
page_number = nickname.split('?page=')[1]
nickname = nickname.split('?page=')[0]
if len(page_number) > 5:
page_number = "1"
if page_number.isdigit():
page_number = int(page_number)
else:
@ -13268,7 +13311,6 @@ class PubServer(BaseHTTPRequestHandler):
# if no page was specified then show the first
moderation_feed = \
person_box_json(self.server.recent_posts_cache,
curr_session,
base_dir,
domain,
port,
@ -13413,6 +13455,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
search_path = path.split('?page=')[0]
@ -13543,6 +13587,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
search_path = path.split('?page=')[0]
@ -13676,6 +13722,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = path.split('?page=')[1]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
search_path = path.split('?page=')[0]
@ -14045,6 +14093,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
if page_number < 1:
@ -17552,6 +17602,8 @@ class PubServer(BaseHTTPRequestHandler):
reply_to_list.append(reply_handle)
if ment.startswith('page='):
reply_page_str = ment.replace('page=', '')
if len(reply_page_str) > 5:
reply_page_str = "1"
if reply_page_str.isdigit():
reply_page_number = int(reply_page_str)
# if m.startswith('actor='):
@ -17573,6 +17625,8 @@ class PubServer(BaseHTTPRequestHandler):
reply_to_list.append(reply_handle)
if ment.startswith('page='):
reply_page_str = ment.replace('page=', '')
if len(reply_page_str) > 5:
reply_page_str = "1"
if reply_page_str.isdigit():
reply_page_number = int(reply_page_str)
in_reply_to_url = mentions_list[0]
@ -17594,6 +17648,8 @@ class PubServer(BaseHTTPRequestHandler):
reply_to_list.append(reply_handle)
if ment.startswith('page='):
reply_page_str = ment.replace('page=', '')
if len(reply_page_str) > 5:
reply_page_str = "1"
if reply_page_str.isdigit():
reply_page_number = int(reply_page_str)
# if m.startswith('actor='):
@ -17625,6 +17681,8 @@ class PubServer(BaseHTTPRequestHandler):
reply_to_list.append(reply_handle)
elif ment.startswith('page='):
reply_page_str = ment.replace('page=', '')
if len(reply_page_str) > 5:
reply_page_str = "1"
if reply_page_str.isdigit():
reply_page_number = int(reply_page_str)
elif ment.startswith('category='):
@ -18363,6 +18421,14 @@ class PubServer(BaseHTTPRequestHandler):
print(endpoint_type.upper() + ' has no content-length')
self._400()
return
# check that the content length string is not too long
if isinstance(self.headers['Content-length'], str):
max_content_size = len(str(self.server.maxMessageLength))
if len(self.headers['Content-length']) > max_content_size:
self._400()
return
length = int(self.headers['Content-length'])
if length > self.server.max_post_length:
print(endpoint_type.upper() +
@ -19346,7 +19412,10 @@ class PubServer(BaseHTTPRequestHandler):
self.server.base_dir,
nickname,
self.server.domain)
int_duration = int(fields['duration'])
if isinstance(fields['duration'], str):
if len(fields['duration']) > 5:
return -1
int_duration_days = int(fields['duration'])
languages_understood = \
get_understood_languages(self.server.base_dir,
self.server.http_prefix,
@ -19366,7 +19435,7 @@ class PubServer(BaseHTTPRequestHandler):
fields['imageDescription'],
city,
fields['subject'],
int_duration,
int_duration_days,
fields['languagesDropdown'],
self.server.low_bandwidth,
self.server.content_license_url,
@ -19484,6 +19553,8 @@ class PubServer(BaseHTTPRequestHandler):
page_number_str = page_number_str.split('?')[0]
if '#' in page_number_str:
page_number_str = page_number_str.split('#')[0]
if len(page_number_str) > 5:
page_number_str = "1"
if page_number_str.isdigit():
page_number = int(page_number_str)
path = path.split('?page=')[0]
@ -20361,13 +20432,28 @@ class PubServer(BaseHTTPRequestHandler):
'_POST', 'check path',
self.server.debug)
is_media_content = False
if self.headers['Content-type'].startswith('image/') or \
self.headers['Content-type'].startswith('video/') or \
self.headers['Content-type'].startswith('audio/'):
is_media_content = True
# check that the content length string is not too long
if isinstance(self.headers['Content-length'], str):
if not is_media_content:
max_content_size = len(str(self.server.maxMessageLength))
else:
max_content_size = len(str(self.server.maxMediaSize))
if len(self.headers['Content-length']) > max_content_size:
self._400()
self.server.postreq_busy = False
return
# read the message and convert it into a python dictionary
length = int(self.headers['Content-length'])
if self.server.debug:
print('DEBUG: content-length: ' + str(length))
if not self.headers['Content-type'].startswith('image/') and \
not self.headers['Content-type'].startswith('video/') and \
not self.headers['Content-type'].startswith('audio/'):
if not is_media_content:
if length > self.server.maxMessageLength:
print('Maximum message length exceeded ' + str(length))
self._400()

39
desktop_client.py
View File

@ -355,8 +355,7 @@ def _speaker_mimic3(pitch: int, rate: int, srange: int,
if pitch > 75:
voice = 'en_US/vctk_low'
length_scale = str(1.2 - (rate / 600.0))
if srange > 100:
srange = 100
srange = min(srange, 100)
noise_w = str(srange / 100.0)
text = html.unescape(say_text).replace('"', "'")
if not text:
@ -1701,9 +1700,13 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
post_index_str = command_str.split('read ')[1]
else:
post_index_str = command_str.split('show ')[1]
if len(post_index_str) > 5:
post_index_str = "1"
if box_json and post_index_str.isdigit():
_desktop_clear_screen()
_desktop_show_banner()
if len(post_index_str) > 5:
post_index_str = "1"
post_index = int(post_index_str)
post_json_object = \
_read_local_box_post(session, nickname, domain,
@ -1764,6 +1767,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
elif not actor_json and box_json:
_desktop_clear_screen()
_desktop_show_banner()
if len(post_index_str) > 5:
post_index_str = "1"
post_index = int(post_index_str)
actor_json = \
_desktop_show_profile(session, nickname, domain,
@ -1870,6 +1875,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -1909,6 +1916,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -1941,6 +1950,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -1983,6 +1994,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2015,6 +2028,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2046,6 +2061,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2082,6 +2099,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
else:
@ -2128,6 +2147,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2160,6 +2181,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2203,6 +2226,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2236,6 +2261,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_page = 1
if ' ' in command_str:
page_num = command_str.split(' ')[-1].strip()
if len(page_num) > 5:
page_num = "1"
if page_num.isdigit():
curr_page = int(page_num)
follow_requests_json = \
@ -2255,6 +2282,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_page = 1
if ' ' in command_str:
page_num = command_str.split(' ')[-1].strip()
if len(page_num) > 5:
page_num = "1"
if page_num.isdigit():
curr_page = int(page_num)
following_json = \
@ -2275,6 +2304,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_page = 1
if ' ' in command_str:
page_num = command_str.split(' ')[-1].strip()
if len(page_num) > 5:
page_num = "1"
if page_num.isdigit():
curr_page = int(page_num)
followers_json = \
@ -2484,6 +2515,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:
@ -2555,6 +2588,8 @@ def run_desktop_client(base_dir: str, proxy_type: str, http_prefix: str,
curr_index = 0
if ' ' in command_str:
post_index = command_str.split(' ')[-1].strip()
if len(post_index) > 5:
post_index = "1"
if post_index.isdigit():
curr_index = int(post_index)
if curr_index > 0 and box_json:

2
follow.py
View File

@ -453,6 +453,8 @@ def get_following_feed(base_dir: str, domain: str, port: int, path: str,
page_number = None
if '?page=' in path:
page_number = path.split('?page=')[1]
if len(page_number) > 5:
page_number = "1"
if page_number == 'true' or not authorized:
page_number = 1
else:

10
person.py
View File

@ -963,7 +963,7 @@ def person_lookup(domain: str, path: str, base_dir: str) -> {}:
def person_box_json(recent_posts_cache: {},
session, base_dir: str, domain: str, port: int, path: str,
base_dir: str, domain: str, port: int, path: str,
http_prefix: str, no_of_items: int, boxname: str,
authorized: bool,
newswire_votes_threshold: int, positive_voting: bool,
@ -986,6 +986,8 @@ def person_box_json(recent_posts_cache: {},
page_number = None
if '?page=' in path:
page_number = path.split('?page=')[1]
if len(page_number) > 5:
page_number = 1
if page_number == 'true':
page_number = 1
else:
@ -1776,6 +1778,12 @@ def valid_sending_actor(session, base_dir: str,
if not actor_json.get('preferredUsername'):
print('REJECT: no preferredUsername within actor ' + str(actor_json))
return False
actor_spam_filter_filename = \
acct_dir(base_dir, nickname, domain) + '/.reject_spam_actors'
if not os.path.isfile(actor_spam_filter_filename):
return True
# does the actor have a bio ?
if not unit_test:
bio_str = ''

2
shares.py
View File

@ -462,6 +462,8 @@ def get_shares_feed_for_person(base_dir: str,
page_number = None
if '?page=' in path:
page_number = path.split('?page=')[1]
if len(page_number) > 5:
page_number = 1
if page_number == 'true':
page_number = 1
else:

2
utils.py
View File

@ -1110,7 +1110,7 @@ def dangerous_markup(content: str, allow_local_network_access: bool) -> bool:
return True
invalid_strings = [
'script', 'noscript', 'pre',
'canvas', 'style', 'abbr',
'canvas', 'style', 'abbr', 'input',
'frame', 'iframe', 'html', 'body',
'hr', 'allow-popups', 'allow-scripts',
'amp-'

15
webapp_calendar.py
View File

@ -341,16 +341,19 @@ def html_calendar(person_cache: {}, translate: {},
if '=' in part:
if part.split('=')[0] == 'year':
num_str = part.split('=')[1]
if num_str.isdigit():
year = int(num_str)
if len(num_str) <= 5:
if num_str.isdigit():
year = int(num_str)
elif part.split('=')[0] == 'month':
num_str = part.split('=')[1]
if num_str.isdigit():
month_number = int(num_str)
if len(num_str) <= 3:
if num_str.isdigit():
month_number = int(num_str)
elif part.split('=')[0] == 'day':
num_str = part.split('=')[1]
if num_str.isdigit():
day_number = int(num_str)
if len(num_str) <= 3:
if num_str.isdigit():
day_number = int(num_str)
elif part.split('=')[0] == 'ical':
bool_str = part.split('=')[1]
if bool_str.lower().startswith('t'):

2
webapp_frontscreen.py
View File

@ -56,7 +56,7 @@ def _html_front_screen_posts(recent_posts_cache: {}, max_recent_posts: int,
'/users/' + nickname + '/' + box_name + \
'?page=' + str(curr_page)
outbox_feed = \
person_box_json({}, session, base_dir, domain, port,
person_box_json({}, base_dir, domain, port,
outbox_feed_path_str,
http_prefix, 10, box_name,
authorized, 0, False, 0)

7
webapp_profile.py
View File

@ -1130,7 +1130,7 @@ def _html_profile_posts(recent_posts_cache: {}, max_recent_posts: int,
'/users/' + nickname + '/' + box_name + '?page=' + \
str(curr_page)
outbox_feed = \
person_box_json({}, session, base_dir, domain,
person_box_json({}, base_dir, domain,
port,
outbox_feed_path_str,
http_prefix,
@ -1981,8 +1981,7 @@ def _html_edit_profile_background(news_instance: bool, translate: {}) -> str:
return edit_profile_form
def _html_edit_profile_contact_info(nickname: str,
email_address: str,
def _html_edit_profile_contact_info(email_address: str,
xmpp_address: str,
matrix_address: str,
ssb_address: str,
@ -2478,7 +2477,7 @@ def html_edit_profile(server, translate: {},
# Contact information
edit_profile_form += \
_html_edit_profile_contact_info(nickname, email_address,
_html_edit_profile_contact_info(email_address,
xmpp_address, matrix_address,
ssb_address, tox_address,
briar_address,