fsd

files/helpers/const.py

@@ -805,7 +805,7 @@ approved_embed_hosts = [
 
 hosts = "|".join(approved_embed_hosts).replace('.','\.')
 
-image_check_regex = re.compile(f'!\[\]\(((?!(https:\/\/([a-z0-9-]+\.)*({hosts})\/|\/images\/)).*?)\)', flags=re.A)
+image_check_regex = re.compile(f'!\[\]\(((?!(https:\/\/([a-z0-9-]+\.)*({hosts})\/|\/)).*?)\)', flags=re.A)
 
 embed_fullmatch_regex = re.compile(f'https:\/\/([a-z0-9-]+\.)*({hosts})\/[\w:~,()\-.#&\/=?@%;+]*', flags=re.A)
 

files/helpers/filters.py

@@ -1,34 +0,0 @@
-from bs4 import BeautifulSoup
-from flask import *
-from urllib.parse import urlparse
-from files.classes import BannedDomain
-
-def filter_comment_html(html_text):
-
-	soup = BeautifulSoup(html_text, 'lxml')
-
-	links = soup.find_all("a")
-
-	domain_list = set()
-
-	for link in links:
-
-		href = link.get("href")
-		if not href: continue
-		
-		url = urlparse(href)
-		domain = url.netloc
-		path = url.path
-		domain_list.add(domain+path)
-
-		parts = domain.split(".")
-		for i in range(len(parts)):
-			new_domain = parts[i]
-			for j in range(i + 1, len(parts)):
-				new_domain += "." + parts[j]
-				domain_list.add(new_domain)
-
-	bans = [x for x in g.db.query(BannedDomain).filter(BannedDomain.domain.in_(list(domain_list))).all()]
-
-	if bans: return bans
-	else: return []

files/helpers/sanitize.py

@@ -257,6 +257,34 @@ def sanitize(sanitized, alert=False, comment=False, edit=False):
 
 
 
+	soup = BeautifulSoup(sanitized, 'lxml')
+
+	links = soup.find_all("a")
+
+	domain_list = set()
+
+	for link in links:
+
+		href = link.get("href")
+		if not href: continue
+		
+		url = urlparse(href)
+		domain = url.netloc
+		path = url.path
+		domain_list.add(domain+path)
+
+		parts = domain.split(".")
+		for i in range(len(parts)):
+			new_domain = parts[i]
+			for j in range(i + 1, len(parts)):
+				new_domain += "." + parts[j]
+				domain_list.add(new_domain)
+
+	bans = g.db.query(BannedDomain.domain).filter(BannedDomain.domain.in_(list(domain_list))).all()
+
+	if bans: abort(403, description=f"Remove the banned domains {bans} and try again!")
+
+
 	signal.alarm(0)
 
 	return sanitized

files/routes/comments.py

@@ -1,5 +1,4 @@
 from files.helpers.wrappers import *
-from files.helpers.filters import *
 from files.helpers.alerts import *
 from files.helpers.images import *
 from files.helpers.const import *
@@ -323,13 +322,6 @@ def api_comment(v):
 
 	body_html = sanitize(body, comment=True)
 
-	bans = filter_comment_html(body_html)
-
-	if bans:
-		ban = bans[0]
-		reason = f"Remove the {ban.domain} link from your comment and try again."
-		if ban.reason: reason += f" {ban.reason}"
-		return {"error": reason}, 401
 
 	if parent_post.id not in ADMIGGERS and '!slots' not in body.lower() and '!blackjack' not in body.lower() and '!wordle' not in body.lower() and AGENDAPOSTER_PHRASE not in body.lower():
 		existing = g.db.query(Comment.id).filter(Comment.author_id == v.id,
@@ -737,16 +729,6 @@ def edit_comment(cid, v):
 
 		body_html = sanitize(body, edit=True)
 
-		bans = filter_comment_html(body_html)
-
-		if bans:
-			
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your comment and try again."
-			
-			if ban.reason: reason += f" {ban.reason}"	
-		
-			return {'error': reason}, 400
 		if '!slots' not in body.lower() and '!blackjack' not in body.lower() and '!wordle' not in body.lower() and AGENDAPOSTER_PHRASE not in body.lower():
 			now = int(time.time())
 			cutoff = now - 60 * 60 * 24

files/routes/errors.py

@@ -23,8 +23,16 @@ def error_401(e):
 
 @app.errorhandler(403)
 def error_403(e):
-	if request.headers.get("Authorization") or request.headers.get("xhr"): return {"error": "403 Forbidden"}, 403
+
-	else: return render_template('errors/403.html', err=True), 403
+	description = e.description
+	if description == "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server.": description = ''
+	
+	if request.headers.get("Authorization") or request.headers.get("xhr"):
+		if not description: description = "403 Forbidden"
+		return {"error": description}, 403
+	else:
+		if not description: description = "YOU AREN'T WELCOME HERE GO AWAY"
+		return render_template('errors/403.html', description=description, err=True), 403
 
 
 @app.errorhandler(404)

files/routes/posts.py

@@ -3,7 +3,6 @@ import gevent
 import requests
 from files.helpers.wrappers import *
 from files.helpers.sanitize import *
-from files.helpers.filters import *
 from files.helpers.alerts import *
 from files.helpers.discord import send_discord_message, send_cringetopia_message
 from files.helpers.const import *
@@ -510,14 +509,6 @@ def edit_post(pid, v):
 		if v.id == p.author_id and v.marseyawarded and marseyaward_body_regex.search(body_html):
 			return {"error":"You can only type marseys!"}, 403
 
-		bans = filter_comment_html(body_html)
-		if bans:
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your post and try again."
-			if ban.reason:
-				reason += f" {ban.reason}"
-								
-			return {"error": reason}, 403
 
 		p.body = body
 
@@ -1110,12 +1101,7 @@ def submit_post(v, sub=None):
 
 	if len(body_html) > 40000: return error("Submission body_html too long! (max 40k characters)")
 
-	bans = filter_comment_html(body_html)
+
-	if bans:
-		ban = bans[0]
-		reason = f"Remove the {ban.domain} link from your post and try again."
-		if ban.reason: reason += f" {ban.reason}"
-		return error(reason)
 
 	if request.host == 'rdrama.net' and v.admin_level < 2: club = False
 	else: club = bool(request.values.get("club",""))

files/routes/settings.py

@@ -1,7 +1,6 @@
 from __future__ import unicode_literals
 from files.helpers.alerts import *
 from files.helpers.sanitize import *
-from files.helpers.filters import filter_comment_html
 from files.helpers.discord import remove_user, set_nick
 from files.helpers.const import *
 from files.mail import *
@@ -141,16 +140,6 @@ def settings_profile_post(v):
 		sig = image_regex.sub(r'![](\1)', sig)
 
 		sig_html = sanitize(sig)
-		bans = filter_comment_html(sig_html)
-
-
-		if bans:
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your sig and try again."
-			if ban.reason:
-				reason += f" {ban.reason}"
-				
-			return {"error": reason}, 401
 
 		if len(sig_html) > 1000:
 			return render_template("settings_profile.html",
@@ -174,13 +163,6 @@ def settings_profile_post(v):
 		friends = image_regex.sub(r'![](\1)', friends)
 
 		friends_html = sanitize(friends)
-		bans = filter_comment_html(friends_html)
-
-		if bans:
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your friends list and try again."
-			if ban.reason: reason += f" {ban.reason}"
-			return {"error": reason}, 401
 
 		if len(friends_html) > 2000:
 			return render_template("settings_profile.html",
@@ -210,13 +192,6 @@ def settings_profile_post(v):
 		enemies = image_regex.sub(r'![](\1)', enemies)
 
 		enemies_html = sanitize(enemies)
-		bans = filter_comment_html(enemies_html)
-
-		if bans:
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your enemies list and try again."
-			if ban.reason: reason += f" {ban.reason}"
-			return {"error": reason}, 401
 
 		if len(enemies_html) > 2000:
 			return render_template("settings_profile.html",
@@ -266,21 +241,12 @@ def settings_profile_post(v):
 				return render_template("settings_profile.html", v=v, error="Image/Video files only."), 400
 		
 		bio_html = sanitize(bio)
-		bans = filter_comment_html(bio_html)
 
 		if len(bio_html) > 10000:
 			return render_template("settings_profile.html",
 								   v=v,
 								   error="Your bio is too long")
 
-		if bans:
-			ban = bans[0]
-			reason = f"Remove the {ban.domain} link from your bio and try again."
-			if ban.reason:
-				reason += f" {ban.reason}"
-				
-			return {"error": reason}, 401
-
 		if len(bio_html) > 10000: abort(400)
 
 		v.bio = bio[:1500]

files/templates/errors/403.html

@@ -13,7 +13,7 @@
 		<img alt=":#marseytroll:" loading="lazy" src="/e/marseytroll.webp">
 		<pre></pre>
 		<h1 class="h5">403 Forbidden</h1>
-			<p class="text-muted mb-5">YOU AREN'T WELCOME HERE GO AWAY</p>
+			<p class="text-muted mb-5">{{description}}</p>
 			<div><a href="/" class="btn btn-primary">Go to frontpage</a></div>
 		</div>
 	</div>