From 327ba62bbee20657a1d8ab0a34dc2cd1ce72ef98 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 4 Jul 2019 19:26:37 +0100 Subject: [PATCH] Validate nicknames --- person.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/person.py b/person.py index f116bebe..ee71fdf6 100644 --- a/person.py +++ b/person.py @@ -26,8 +26,7 @@ def createPerson(baseDir: str,nickname: str,domain: str,port: int, \ httpPrefix: str, saveToFile: bool,password=None) -> (str,str,{},{}): """Returns the private key, public key, actor and webfinger endpoint """ - reservedNames=['inbox','outbox','followers','following','sharedInbox','publicKey'] - if nickname in reservedNames: + if not validNickname(nickname): return None,None,None,None privateKeyPem,publicKeyPem=generateRSAKey() webfingerEndpoint= \ @@ -120,11 +119,16 @@ def validNickname(nickname: str) -> bool: for c in forbiddenChars: if c in nickname: return False + reservedNames=['inbox','outbox','following','followers','sharedInbox'] + if nickname in reservedNames: + return False return True def personLookup(domain: str,path: str,baseDir: str) -> {}: """Lookup the person for an given nickname """ + if path.endswith('#main-key'): + path=path.replace('#main-key','') notPersonLookup=['/inbox','/outbox','/outboxarchive', \ '/followers','/following','/featured', \ '.png','.jpg','.gif','.mpv']