def valid_url(prop, value, report, generate_https_urls):
"""Validate a URL in the stylesheet.
The only valid URLs for use in a stylesheet are the custom image format
(%%example%%) which this function will translate to actual URLs.
"""
try:
url = value.getStringValue()
except IndexError:
g.log.error("Problem validating [%r]" % value)
raise
m = custom_img_urls.match(url)
if m:
name = m.group(1)
# this relies on localcache to not be doing a lot of lookups
images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
if name in images:
if not generate_https_urls:
url = images[name]
else:
url = g.media_provider.convert_to_https(images[name])
value._setCssText("url(%s)" % url)
else:
# unknown image label -> error
report.append(
ValidationError(
msgs['broken_url'] % dict(brokenurl=value.cssText), value))
else:
report.append(ValidationError(msgs["custom_images_only"], value))
def valid_url(prop, value, report, generate_https_urls):
"""Validate a URL in the stylesheet.
The only valid URLs for use in a stylesheet are the custom image format
(%%example%%) which this function will translate to actual URLs.
"""
try:
url = value.getStringValue()
except IndexError:
g.log.error("Problem validating [%r]" % value)
raise
m = custom_img_urls.match(url)
if m:
name = m.group(1)
# this relies on localcache to not be doing a lot of lookups
images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
if name in images:
if not generate_https_urls:
url = images[name]
else:
url = g.media_provider.convert_to_https(images[name])
value._setCssText("url(%s)" % url)
else:
# unknown image label -> error
report.append(ValidationError(msgs["broken_url"] % dict(brokenurl=value.cssText), value))
else:
report.append(ValidationError(msgs["custom_images_only"], value))
def images(self):
sr_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
images = []
for name, url in sr_images.iteritems():
images.append({'name': name,
'link': 'url(%%%%%s%%%%)' % name,
'url': url})
return images
def images(self):
sr_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
images = []
for name, url in sr_images.iteritems():
images.append({'name': name,
'link': 'url(%%%%%s%%%%)' % name,
'url': url})
return images
def valid_url(prop, value, report, generate_https_urls, enforce_custom_images_only):
"""
checks url(...) arguments in CSS, ensuring that the contents are
officially sanctioned. Sanctioned urls include:
* anything in /static/
* image labels %%..%% for images uploaded on /about/stylesheet
* urls with domains in g.allowed_css_linked_domains
"""
try:
url = value.getStringValue()
except IndexError:
g.log.error("Problem validating [%r]" % value)
raise
# local urls are allowed
if local_urls.match(url):
if enforce_custom_images_only:
report.append(ValidationError(msgs["custom_images_only"], value))
return
t_url = None
while url != t_url:
t_url, url = url, filters.url_unescape(url)
# disallow path trickery
if "../" in url:
report.append(ValidationError(msgs["broken_url"] % dict(brokenurl=value.cssText), value))
# custom urls are allowed, but need to be transformed into a real path
elif custom_img_urls.match(url):
name = custom_img_urls.match(url).group(1)
# this relies on localcache to not be doing a lot of lookups
images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
if name in images:
if not generate_https_urls:
url = images[name]
else:
url = s3_direct_https(images[name])
value._setCssText("url(%s)" % url)
else:
# unknown image label -> error
report.append(ValidationError(msgs["broken_url"] % dict(brokenurl=value.cssText), value))
else:
if enforce_custom_images_only:
report.append(ValidationError(msgs["custom_images_only"], value))
return
try:
u = urlparse(url)
valid_scheme = u.scheme and u.scheme in valid_url_schemes
valid_domain = u.netloc in g.allowed_css_linked_domains
except ValueError:
u = False
# allowed domains are ok
if not (u and valid_scheme and valid_domain):
report.append(ValidationError(msgs["broken_url"] % dict(brokenurl=value.cssText), value))
def wikimarkdown(text, include_toc=True, target=None):
from r2.lib.template_helpers import make_url_protocol_relative
# this hard codes the stylesheet page for now, but should be parameterized
# in the future to allow per-page images.
from r2.models.wiki import ImagesByWikiPage
from r2.lib.utils import UrlParser
from r2.lib.template_helpers import add_sr
page_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
def img_swap(tag):
name = tag.get('src')
name = custom_img_url.search(name)
name = name and name.group(1)
if name and name in page_images:
url = page_images[name]
url = make_url_protocol_relative(url)
tag['src'] = url
else:
tag.extract()
nofollow = True
text = snudown.markdown(_force_utf8(text),
nofollow,
target,
renderer=snudown.RENDERER_WIKI)
# TODO: We should test how much of a load this adds to the app
soup = BeautifulSoup(text.decode('utf-8'))
images = soup.findAll('img')
if images:
[img_swap(image) for image in images]
def add_ext_to_link(link):
url = UrlParser(link.get('href'))
if url.is_reddit_url():
link['href'] = add_sr(link.get('href'), sr_path=False)
if c.render_style == 'compact':
links = soup.findAll('a')
[add_ext_to_link(a) for a in links]
if include_toc:
tocdiv = generate_table_of_contents(soup, prefix="wiki")
if tocdiv:
soup.insert(0, tocdiv)
text = str(soup)
return SC_OFF + WIKI_MD_START + text + WIKI_MD_END + SC_ON
def valid_url(prop, value, report):
"""
checks url(...) arguments in CSS, ensuring that the contents are
officially sanctioned. Sanctioned urls include:
* anything in /static/
* image labels %%..%% for images uploaded on /about/stylesheet
* urls with domains in g.allowed_css_linked_domains
"""
try:
url = value.getStringValue()
except IndexError:
g.log.error("Problem validating [%r]" % value)
raise
# local urls are allowed
if local_urls.match(url):
t_url = None
while url != t_url:
t_url, url = url, filters.url_unescape(url)
# disallow path trickery
if "../" in url:
report.append(
ValidationError(
msgs['broken_url'] % dict(brokenurl=value.cssText), value))
# custom urls are allowed, but need to be transformed into a real path
elif custom_img_urls.match(url):
name = custom_img_urls.match(url).group(1)
# this relies on localcache to not be doing a lot of lookups
images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
if name in images:
url = s3_https_if_secure(images[name])
value._setCssText("url(%s)" % url)
else:
# unknown image label -> error
report.append(
ValidationError(
msgs['broken_url'] % dict(brokenurl=value.cssText), value))
else:
try:
u = urlparse(url)
valid_scheme = u.scheme and u.scheme in valid_url_schemes
valid_domain = u.netloc in g.allowed_css_linked_domains
except ValueError:
u = False
# allowed domains are ok
if not (u and valid_scheme and valid_domain):
report.append(
ValidationError(
msgs['broken_url'] % dict(brokenurl=value.cssText), value))
def wikimarkdown(text, include_toc=True, target=None):
from r2.lib.template_helpers import make_url_protocol_relative
# this hard codes the stylesheet page for now, but should be parameterized
# in the future to allow per-page images.
from r2.models.wiki import ImagesByWikiPage
from r2.lib.utils import UrlParser
from r2.lib.template_helpers import add_sr
page_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
def img_swap(tag):
name = tag.get('src')
name = custom_img_url.search(name)
name = name and name.group(1)
if name and name in page_images:
url = page_images[name]
url = make_url_protocol_relative(url)
tag['src'] = url
else:
tag.extract()
nofollow = True
text = snudown.markdown(_force_utf8(text), nofollow, target,
renderer=snudown.RENDERER_WIKI)
# TODO: We should test how much of a load this adds to the app
soup = BeautifulSoup(text.decode('utf-8'))
images = soup.findAll('img')
if images:
[img_swap(image) for image in images]
def add_ext_to_link(link):
url = UrlParser(link.get('href'))
if url.is_reddit_url():
link['href'] = add_sr(link.get('href'), sr_path=False)
if c.render_style == 'compact':
links = soup.findAll('a')
[add_ext_to_link(a) for a in links]
if include_toc:
tocdiv = generate_table_of_contents(soup, prefix="wiki")
if tocdiv:
soup.insert(0, tocdiv)
text = str(soup)
return SC_OFF + WIKI_MD_START + text + WIKI_MD_END + SC_ON
def wikimarkdown(text, include_toc=True, target=None):
from r2.lib.template_helpers import s3_https_if_secure
# this hard codes the stylesheet page for now, but should be parameterized
# in the future to allow per-page images.
from r2.models.wiki import ImagesByWikiPage
page_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
def img_swap(tag):
name = tag.get('src')
name = custom_img_url.search(name)
name = name and name.group(1)
if name and name in page_images:
url = page_images[name]
url = s3_https_if_secure(url)
tag['src'] = url
else:
tag.extract()
nofollow = True
text = snudown.markdown(_force_utf8(text),
nofollow,
target,
renderer=snudown.RENDERER_WIKI)
# TODO: We should test how much of a load this adds to the app
soup = BeautifulSoup(text.decode('utf-8'))
images = soup.findAll('img')
if images:
[img_swap(image) for image in images]
if include_toc:
tocdiv = generate_table_of_contents(soup, prefix="wiki")
if tocdiv:
soup.insert(0, tocdiv)
text = str(soup)
return SC_OFF + WIKI_MD_START + text + WIKI_MD_END + SC_ON
def wikimarkdown(text, include_toc=True, target=None):
from r2.lib.template_helpers import media_https_if_secure
# this hard codes the stylesheet page for now, but should be parameterized
# in the future to allow per-page images.
from r2.models.wiki import ImagesByWikiPage
page_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
def img_swap(tag):
name = tag.get('src')
name = custom_img_url.search(name)
name = name and name.group(1)
if name and name in page_images:
url = page_images[name]
url = media_https_if_secure(url)
tag['src'] = url
else:
tag.extract()
nofollow = True
text = snudown.markdown(_force_utf8(text), nofollow, target,
renderer=snudown.RENDERER_WIKI)
# TODO: We should test how much of a load this adds to the app
soup = BeautifulSoup(text.decode('utf-8'))
images = soup.findAll('img')
if images:
[img_swap(image) for image in images]
if include_toc:
tocdiv = generate_table_of_contents(soup, prefix="wiki")
if tocdiv:
soup.insert(0, tocdiv)
text = str(soup)
return SC_OFF + WIKI_MD_START + text + WIKI_MD_END + SC_ON
def images(self):
sr_images = ImagesByWikiPage.get_images(c.site, "config/stylesheet")
images = []
for name, url in sr_images.iteritems():
images.append({"name": name, "link": "url(%%%%%s%%%%)" % name, "url": url})
return images
