sim1222/fedi-block-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Additional query DoS mitigation

Browse Source
This commit is contained in:
Mint 2022-11-29 22:36:46 +03:00
parent 36ae433c2e
commit d0f1fe5c06
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api.py
View File

@ -5,6 +5,7 @@ from hashlib import sha256
from fastapi.templating import Jinja2Templates
from requests import get
from json import loads
from re import sub
with open("config.json") as f:
config = loads(f.read())
@ -34,6 +35,10 @@ def info():
def blocked(domain: str = None, reason: str = None):
if domain == None and reason == None:
raise HTTPException(status_code=400, detail="No filter specified")
if reason != None:
reason = sub("(%|_)", "", reason)
if len(reason) < 3:
raise HTTPException(status_code=400, detail="Keyword is shorter than three characters")
conn = sqlite3.connect("blocks.db")
c = conn.cursor()
if domain != None:
@ -41,9 +46,6 @@ def blocked(domain: str = None, reason: str = None):
punycode = domain.encode('idna').decode('utf-8')
c.execute("select blocker, blocked, block_level, reason from blocks where blocked = ? or blocked = ? or blocked = ? or blocked = ? or blocked = ? or blocked = ?",
(domain, "*." + domain, wildchar, get_hash(domain), punycode, "*." + punycode))
else:
if len(reason) < 3:
raise HTTPException(status_code=400, detail="Keyword is shorter than three characters")
else:
c.execute("select blocker, blocked, reason, block_level from blocks where reason like ? and reason != ''", ("%"+reason+"%",))
blocks = c.fetchall()