Filter bad words from claim address display name

-Also fix claim address success msg when 'Display Name' contains script tags
joeuhren
2020-12-22 18:06:40 -07:00
parent 82efa96954
commit 2d734b9f00
3 changed files with 31 additions and 13 deletions
+24 -10
@@ -280,16 +280,30 @@ app.use('/ext/getaddresstxs/:address/:start/:length', function(req,res) {
});
app.post('/address/:hash/claim', function(req, res) {
lib.verify_message(req.body.address, req.body.signature, req.body.message, function(body) {
if (body == false) {
res.json({'status': 'failed', 'error': true, 'message': 'Invalid signature'});
} else if (body == true) {
db.update_label(req.body.address, req.body.message, function() {
res.json({'status': 'success'});
});
} else
res.json({'status': 'failed', 'error': true, 'message': 'There was an error. Check your console.'});
});
// initialize the bad-words filter
var bad_word_lib = require('bad-words');
var bad_word_filter = new bad_word_lib();
// clean the message (Display name) of bad words
var message = bad_word_filter.clean(req.body.message);
// check if the message was filtered
if (message == req.body.message) {
// call the verifymessage api
lib.verify_message(req.body.address, req.body.signature, req.body.message, function(body) {
if (body == false) {
res.json({'status': 'failed', 'error': true, 'message': 'Invalid signature'});
} else if (body == true) {
db.update_label(req.body.address, req.body.message, function() {
res.json({'status': 'success'});
});
} else
res.json({'status': 'failed', 'error': true, 'message': 'There was an error. Check your console'});
});
} else {
// message was filtered which would change the signature
res.json({'status': 'failed', 'error': true, 'message': 'Display name contains bad words and cannot be saved: ' + message});
}
});
app.use('/ext/connections', function(req,res){
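Review bot: `req.body.message` reaches `bad_word_filter.clean()` without a presence or type check, so a POST with a missing or non-string `message` will probably throw inside the handler instead of returning the JSON failure. A guard before the filter call would keep the response shape consistent: `if (typeof req.body.message !== 'string') return res.json({'status': 'failed', 'error': true, 'message': 'Display name is required'});`. The `require('bad-words')` and `new bad_word_lib()` lines also run on every request, so moving them to module scope would build the filter once. The `else` branch concatenates the filtered display name into `message`, so that field now carries user-controlled text and every client that renders it has to escape it. The label handed to `db.update_label` is still stored as submitted, so pages that show it need output encoding; that code is outside this hunk.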
+2 -1
@@ -26,7 +26,8 @@
"qr-image": "~3.2.0",
"sass": "1.30.0",
"json": "10.0.0",
"strip-json-comments-cli": "1.0.1"
"strip-json-comments-cli": "1.0.1",
"bad-words": "3.0.4"
},
"devDependencies": {
"jasmine": "~3.6.3"
+5 -2
@@ -3,10 +3,13 @@ extends layout
block content
script.
$(function () {
function displayAsText(str) {
return str.replace(/</g, '&#60;').replace(/>/g, '&#62;');
}
function showClaimAlert(claimClass, warnMsg) {
if ($('#claimAlert').length == 0)
$('<div id="claimAlert"></div>').insertBefore('#claimForm');
$('#claimAlert').html('<div class="alert alert-' + claimClass + '"><div class="font-weight-bold" style="padding-bottom:10px;">' + (claimClass == 'success' ? 'Address claimed successfully' : (claimClass == 'danger' ? 'Failed to claim address' : 'Required field missing')) + '</div> ' + (claimClass == 'success' ? 'This address will now be referred to as <strong>"' + $('#message').val() + '"</strong> throughout the website' : (claimClass == 'danger' ? 'Invalid signature' : warnMsg)) + '.</div>');
$('#claimAlert').html('<div class="alert alert-' + claimClass + '"><div class="font-weight-bold" style="padding-bottom:10px;">' + (claimClass == 'success' ? 'Address claimed successfully' : (claimClass == 'danger' ? 'Failed to claim address' : 'Required field missing')) + '</div> ' + (claimClass == 'success' ? 'This address will now be referred to as <strong>"' + displayAsText($('#message').val()) + '"</strong> throughout the website' : warnMsg) + '.</div>');
}
$('#claimForm').on('submit', function (e) {
@@ -32,7 +35,7 @@ block content
'signature': signature
},
success: function (data) {
showClaimAlert((data.status == 'success' ? 'success' : 'danger'), '');
showClaimAlert((data.status == 'success' ? 'success' : 'danger'), data.message);
}
});
}
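Review bot: `warnMsg` is still concatenated into the `.html()` string unescaped in `showClaimAlert`, and after this change it carries `data.message`, which on the bad-words failure includes the submitted display name. A name containing both a filtered word and markup would therefore still be rendered as HTML in the danger alert, the same problem the commit fixes for the success text. Passing it through the new helper, `: displayAsText(warnMsg)) + '.</div>');`, closes that path, provided the 'Required field missing' caller (outside these hunks) passes plain text. `displayAsText` escapes only `<` and `>`, which is enough for the element-text position used here, but adding `.replace(/&/g, '&#38;')` as the first step and escaping quotes would make it safe to reuse inside attributes. A fallback such as `data.message || 'Invalid signature'` would avoid an "undefined." alert if the response has no `message`.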