Experiment: Remove character whitelist for tag names.
I have always felt bad about forbidding unicode in tag names, but I want to make sure I have a grip on sanitization / preventing abuse before allowing it. I think stripping control characters is enough and any abuse can be handled manually. Of course that's all fiction because there are no users except myself.
This commit is contained in:
parent
26b9371f26
commit
39b7f3cd98
3 changed files with 10 additions and 8 deletions
|
|
@ -291,7 +291,7 @@ DEFAULT_CONFIGURATION = {
|
||||||
'tag': {
|
'tag': {
|
||||||
'min_length': 1,
|
'min_length': 1,
|
||||||
'max_length': 32,
|
'max_length': 32,
|
||||||
'valid_chars': string.ascii_lowercase + string.digits + '_()',
|
# 'valid_chars': string.ascii_lowercase + string.digits + '_()',
|
||||||
},
|
},
|
||||||
|
|
||||||
'user': {
|
'user': {
|
||||||
|
|
|
||||||
|
|
@ -1206,17 +1206,19 @@ class Tag(ObjectBase, GroupableMixin):
|
||||||
return description
|
return description
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def normalize_name(name, valid_chars=None, min_length=None, max_length=None):
|
def normalize_name(name, min_length=None, max_length=None):
|
||||||
original_name = name
|
original_name = name
|
||||||
if valid_chars is None:
|
# if valid_chars is None:
|
||||||
valid_chars = constants.DEFAULT_CONFIGURATION['tag']['valid_chars']
|
# valid_chars = constants.DEFAULT_CONFIGURATION['tag']['valid_chars']
|
||||||
|
|
||||||
name = name.lower().strip()
|
name = name.lower()
|
||||||
|
name = helpers.remove_control_characters(name)
|
||||||
name = name.strip(' .+')
|
name = name.strip(' .+')
|
||||||
name = name.split('+')[0].split('.')[-1]
|
name = name.split('+')[0].split('.')[-1]
|
||||||
name = name.replace('-', '_')
|
name = name.replace('-', '_')
|
||||||
name = name.replace(' ', '_')
|
name = name.replace(' ', '_')
|
||||||
name = ''.join(c for c in name if c in valid_chars)
|
name = name.replace('=', '')
|
||||||
|
# name = ''.join(c for c in name if c in valid_chars)
|
||||||
|
|
||||||
if min_length is not None and len(name) < min_length:
|
if min_length is not None and len(name) < min_length:
|
||||||
raise exceptions.TagTooShort(original_name)
|
raise exceptions.TagTooShort(original_name)
|
||||||
|
|
|
||||||
|
|
@ -1192,7 +1192,7 @@ class PDBTagMixin:
|
||||||
def normalize_tagname(self, tagname):
|
def normalize_tagname(self, tagname):
|
||||||
tagname = objects.Tag.normalize_name(
|
tagname = objects.Tag.normalize_name(
|
||||||
tagname,
|
tagname,
|
||||||
valid_chars=self.config['tag']['valid_chars'],
|
# valid_chars=self.config['tag']['valid_chars'],
|
||||||
min_length=self.config['tag']['min_length'],
|
min_length=self.config['tag']['min_length'],
|
||||||
max_length=self.config['tag']['max_length'],
|
max_length=self.config['tag']['max_length'],
|
||||||
)
|
)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue