Check for dangerous markup within image license and creator

merge-requests/30/head
Bob Mottram 2023-01-23 17:54:18 +00:00
parent f0354a101a
commit f6d44107d3
1 changed files with 15 additions and 12 deletions


@ -11,6 +11,7 @@ import os
from shutil import copyfile from shutil import copyfile
from collections import OrderedDict from collections import OrderedDict
from session import get_json from session import get_json
from utils import dangerous_markup
from utils import acct_handle_dir from utils import acct_handle_dir
from utils import remove_id_ending from utils import remove_id_ending
from utils import get_attachment_property_value from utils import get_attachment_property_value
@ -1237,21 +1238,23 @@ def get_post_attachments_as_html(base_dir: str,
continue continue
media_license = '' media_license = ''
if attach.get('schema:license'): if attach.get('schema:license'):
if not is_filtered(base_dir, nickname, domain, if not dangerous_markup(attach['schema:license'], False):
attach['schema:license'], if not is_filtered(base_dir, nickname, domain,
system_language): attach['schema:license'],
if '://' not in attach['schema:license']: system_language):
if len(attach['schema:license']) < 60: if '://' not in attach['schema:license']:
if len(attach['schema:license']) < 60:
media_license = attach['schema:license']
else:
media_license = attach['schema:license'] media_license = attach['schema:license']
else:
media_license = attach['schema:license']
media_creator = '' media_creator = ''
if attach.get('schema:creator'): if attach.get('schema:creator'):
if not is_filtered(base_dir, nickname, domain, if len(attach['schema:creator']) < 60:
attach['schema:creator'], if not dangerous_markup(attach['schema:creator'], False):
system_language): if not is_filtered(base_dir, nickname, domain,
if len(attach['schema:creator']) < 60: attach['schema:creator'],
media_creator = attach['schema:creator'] system_language):
media_creator = attach['schema:creator']
media_type = attach['mediaType'] media_type = attach['mediaType']
image_description = '' image_description = ''
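Review bot: In the `schema:license` block, the `else:` path (apparently the one taken when the value contains `://`, as far as the flattened indentation shows) still assigns `media_license` with no length bound and no scheme check. The new `dangerous_markup` call is therefore the only filter on a remote-supplied URL, and whether it rejects non-http schemes is not visible here. Consider narrowing that path, for example `elif attach['schema:license'].startswith(('https://', 'http://')) and len(attach['schema:license']) < 2048:` (the 2048 bound is illustrative). Both `schema:license` and `schema:creator` are passed to `len()` and `dangerous_markup` without a type check, so an `isinstance(..., str)` guard at the top of each block would keep list or dict values from reaching them. The function continues past the visible lines, so how these strings are escaped when written into the HTML cannot be confirmed from this section.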