From 96d2dc0a0d9d5eb701ce62592d1cf845b1429656 Mon Sep 17 00:00:00 2001 From: Stefano Pigozzi Date: Sun, 21 Jul 2019 23:02:20 +0200 Subject: [PATCH] Stop nested quotes from crashing the website (#70) --- royalnet/web/royalprints/wikiview/__init__.py | 33 ++++++++++++------- 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/royalnet/web/royalprints/wikiview/__init__.py b/royalnet/web/royalprints/wikiview/__init__.py index 2b90765b..c167bba3 100644 --- a/royalnet/web/royalprints/wikiview/__init__.py +++ b/royalnet/web/royalprints/wikiview/__init__.py @@ -15,7 +15,13 @@ rp = Royalprint("wikiview", __name__, url_prefix="/wiki/view", template_folder=t required_tables={Royal, WikiPage, WikiRevision}) +class WikiRenderError(Exception): + """An error occurred while trying to render the wiki page.""" + + def prepare_page_markdown(page): + if list(page.content).count(">") > 99: + raise WikiRenderError("Too many nested quotes") converted_md = markdown2.markdown(page.content.replace("<", "<"), extras=["spoiler", "tables", "smarty-pants", "fenced-code-blocks"]) converted_md = re.sub(r"{https?://(?:www\.)?(?:youtube\.com/watch\?.*?&?v=|youtu.be/)([0-9A-Za-z-]+).*?}", @@ -37,18 +43,21 @@ def prepare_page_markdown(page): def prepare_page(page): - if page.format == "markdown": - return f.render_template("wikiview_page.html", - page=page, - parsed_content=f.Markup(prepare_page_markdown(page)), - css=page.css) - elif page.format == "html": - return f.render_template("wikiview_page.html", - page=page, - parsed_content=f.Markup(page.content), - css=page.css) - else: - return error(500, f"Non esiste nessun handler in grado di preparare pagine con il formato {page.format}.") + try: + if page.format == "markdown": + return f.render_template("wikiview_page.html", + page=page, + parsed_content=f.Markup(prepare_page_markdown(page)), + css=page.css) + elif page.format == "html": + return f.render_template("wikiview_page.html", + page=page, + parsed_content=f.Markup(page.content), + css=page.css) + else: + return error(500, f"Non esiste nessun handler in grado di preparare pagine con il formato {page.format}.") + except WikiRenderError as e: + return error(500, f"La pagina Wiki non può essere preparata a causa di un errore: {str(e)}") @rp.route("/")