Browse Source

Merge pull request #8742 from MrPetovan/task/blocklist-safelist

Replace charged terms with "allowlist", "denylist" and "blocklist"
pull/8747/head
Michael Vogel 2 years ago committed by GitHub
parent
commit
51a6b0fcb6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 6
      CHANGELOG
  2. 4
      database.sql
  3. 2
      doc/Install.md
  4. 2
      doc/database/db_contact.md
  5. 4
      friendica_test_data.sql
  6. 14
      include/items.php
  7. 2
      src/Content/Text/BBCode.php
  8. 6
      src/Database/Database.php
  9. 2
      src/Module/Admin/Blocklist/Server.php
  10. 6
      src/Module/Contact.php
  11. 6
      src/Protocol/Feed.php
  12. 4
      static/dbstructure.config.php
  13. 2
      static/dbview.config.php
  14. 6
      static/defaults.config.php
  15. 11
      update.php
  16. 2
      view/templates/contact_edit.tpl
  17. 2
      view/theme/frio/templates/contact_edit.tpl
  18. 2
      view/theme/vier/templates/contact_edit.tpl

6
CHANGELOG

@ -61,7 +61,7 @@ Version 2020.03 "Red Hot Poker" (2020-03-30)
Update to the translations (CS, DE, FR, PL, RU, ZH-CN) [translation teams]
General code refactoring and enhancements [AndyHee, annando, MrPetovan, nupplaphil]
blockbot:
Ensure that good agents are whitelisted [valvin1]
Ensure that good agents are allowlisted [valvin1]
markdown:
Addon to use Markdown while composing a posting was added [annando]
showmore:
@ -911,7 +911,7 @@ Version 3.5.3 (2017-10-05)
Updates to the documentation [tobiasd]
Code revision and refactoring [Hypolite]
pumpio, twitter bridges adopted to new background mechanism [annando]
Leistungsschutzrecht has a new source list, and a whitelist [annando]
Leistungsschutzrecht has a new source list, and an allowlist [annando]
retriever marked unsupported due to unwanted side-effects [annando]
Unicode emoji added [annando]
Enhancement to the general content filter [annando]
@ -1373,7 +1373,7 @@ Version 3.3.1 (2014-11-06)
Set default location to empty for new users. Suppress warning on user creation (issue #1193) (fabrixxm)
Correctly build urls with queries (issue #1190) (fabrixxm)
Optionally use keywords in feed as post tags with "remote self" (annando)
A blacklist of keywords to not use can be defined (annando)
A denylist of keywords to not use can be defined (annando)
"remote self" works also with Friendica and Diaspora contacts (annando)
Show exact post time after 12 hours (FX7)
Optionally redirect from non-SSL to SSL (annando)

4
database.sql

@ -125,7 +125,7 @@ CREATE TABLE IF NOT EXISTS `contact` (
`bd` date NOT NULL DEFAULT '0001-01-01' COMMENT '',
`notify_new_posts` boolean NOT NULL DEFAULT '0' COMMENT '',
`fetch_further_information` tinyint unsigned NOT NULL DEFAULT 0 COMMENT '',
`ffi_keyword_blacklist` text COMMENT '',
`ffi_keyword_denylist` text COMMENT '',
PRIMARY KEY(`id`),
INDEX `uid_name` (`uid`,`name`(190)),
INDEX `self_uid` (`self`,`uid`),
@ -1540,7 +1540,7 @@ CREATE VIEW `owner-view` AS SELECT
`contact`.`bd` AS `bd`,
`contact`.`notify_new_posts` AS `notify_new_posts`,
`contact`.`fetch_further_information` AS `fetch_further_information`,
`contact`.`ffi_keyword_blacklist` AS `ffi_keyword_blacklist`,
`contact`.`ffi_keyword_denylist` AS `ffi_keyword_denylist`,
`user`.`parent-uid` AS `parent-uid`,
`user`.`guid` AS `guid`,
`user`.`nickname` AS `nickname`,

2
doc/Install.md

@ -435,7 +435,7 @@ provided by one of our members.
>
> This is obvious as soon as you notice that the friendica-cron uses `proc_open`
> to execute PHP scripts that also use `proc_open`, but it took me quite some time to find that out.
> I hope this saves some time for other people using suhosin with function blacklists.
> I hope this saves some time for other people using suhosin with function blocklists.
### Unable to create all mysql tables on MySQL 5.7.17 or newer

2
doc/database/db_contact.md

@ -67,6 +67,6 @@ Table contact
| bd | | date | NO | | 0001-01-01 | |
| notify_new_posts | | tinyint(1) | NO | | 0 | |
| fetch_further_information | | tinyint(1) | NO | | 0 | |
| ffi_keyword_blacklist | | mediumtext | NO | | NULL | |
| ffi_keyword_denylist | | mediumtext | NO | | NULL | |
Return to [database documentation](help/database)

4
friendica_test_data.sql

File diff suppressed because one or more lines are too long

14
include/items.php

@ -111,7 +111,7 @@ function add_page_info_data(array $data, $no_photos = false)
return "\n".$text.$hashtags;
}
function query_page_info($url, $photo = "", $keywords = false, $keyword_blacklist = "")
function query_page_info($url, $photo = "", $keywords = false, $keyword_denylist = "")
{
$data = ParseUrl::getSiteinfoCached($url, true);
@ -125,8 +125,8 @@ function query_page_info($url, $photo = "", $keywords = false, $keyword_blacklis
unset($data["keywords"]);
}
if (($keyword_blacklist != "") && isset($data["keywords"])) {
$list = explode(", ", $keyword_blacklist);
if (($keyword_denylist != "") && isset($data["keywords"])) {
$list = explode(", ", $keyword_denylist);
foreach ($list as $keyword) {
$keyword = trim($keyword);
@ -141,9 +141,9 @@ function query_page_info($url, $photo = "", $keywords = false, $keyword_blacklis
return $data;
}
function get_page_keywords($url, $photo = "", $keywords = false, $keyword_blacklist = "")
function get_page_keywords($url, $photo = "", $keywords = false, $keyword_denylist = "")
{
$data = query_page_info($url, $photo, $keywords, $keyword_blacklist);
$data = query_page_info($url, $photo, $keywords, $keyword_denylist);
if (empty($data["keywords"]) || !is_array($data["keywords"])) {
return [];
}
@ -159,9 +159,9 @@ function get_page_keywords($url, $photo = "", $keywords = false, $keyword_blackl
return $taglist;
}
function add_page_info($url, $no_photos = false, $photo = "", $keywords = false, $keyword_blacklist = "")
function add_page_info($url, $no_photos = false, $photo = "", $keywords = false, $keyword_denylist = "")
{
$data = query_page_info($url, $photo, $keywords, $keyword_blacklist);
$data = query_page_info($url, $photo, $keywords, $keyword_denylist);
$text = '';

2
src/Content/Text/BBCode.php

@ -1859,7 +1859,7 @@ class BBCode
$text = preg_replace('#<([^>]*?)(src)="(?!' . implode('|', $allowed_src_protocols) . ')(.*?)"(.*?)>#ism',
'<$1$2=""$4 data-original-src="$3" class="invalid-src" title="' . DI::l10n()->t('Invalid source protocol') . '">', $text);
// sanitize href attributes (only whitelisted protocols URLs)
// sanitize href attributes (only allowlisted protocols URLs)
// default value for backward compatibility
$allowed_link_protocols = DI::config()->get('system', 'allowed_link_protocols', []);

6
src/Database/Database.php

@ -319,7 +319,7 @@ class Database
}
$watchlist = explode(',', $this->configCache->get('system', 'db_log_index_watch'));
$blacklist = explode(',', $this->configCache->get('system', 'db_log_index_blacklist'));
$denylist = explode(',', $this->configCache->get('system', 'db_log_index_denylist'));
while ($row = $this->fetch($r)) {
if ((intval($this->configCache->get('system', 'db_loglimit_index')) > 0)) {
@ -333,7 +333,7 @@ class Database
$log = true;
}
if (in_array($row['key'], $blacklist) || ($row['key'] == "")) {
if (in_array($row['key'], $denylist) || ($row['key'] == "")) {
$log = false;
}
@ -349,7 +349,7 @@ class Database
}
/**
* Removes every not whitelisted character from the identifier string
* Removes every not allowlisted character from the identifier string
*
* @param string $identifier
*

2
src/Module/Admin/Blocklist/Server.php

@ -88,7 +88,7 @@ class Server extends BaseAdmin
return Renderer::replaceMacros($t, [
'$title' => DI::l10n()->t('Administration'),
'$page' => DI::l10n()->t('Server Domain Pattern Blocklist'),
'$intro' => DI::l10n()->t('This page can be used to define a blacklist of server domain patterns from the federated network that are not allowed to interact with your node. For each domain pattern you should also provide the reason why you block it.'),
'$intro' => DI::l10n()->t('This page can be used to define a blocklist of server domain patterns from the federated network that are not allowed to interact with your node. For each domain pattern you should also provide the reason why you block it.'),
'$public' => DI::l10n()->t('The list of blocked server domain patterns will be made publically available on the <a href="/friendica">/friendica</a> page so that your users and people investigating communication problems can find the reason easily.'),
'$syntax' => DI::l10n()->t('<p>The server domain pattern syntax is case-insensitive shell wildcard, comprising the following special characters:</p>
<ul>

6
src/Module/Contact.php

@ -125,7 +125,7 @@ class Contact extends BaseModule
$fetch_further_information = intval($_POST['fetch_further_information'] ?? 0);
$ffi_keyword_blacklist = Strings::escapeHtml(trim($_POST['ffi_keyword_blacklist'] ?? ''));
$ffi_keyword_denylist = Strings::escapeHtml(trim($_POST['ffi_keyword_denylist'] ?? ''));
$priority = intval($_POST['poll'] ?? 0);
if ($priority > 5 || $priority < 0) {
@ -140,7 +140,7 @@ class Contact extends BaseModule
'hidden' => $hidden,
'notify_new_posts' => $notify,
'fetch_further_information' => $fetch_further_information,
'ffi_keyword_blacklist' => $ffi_keyword_blacklist],
'ffi_keyword_denylist' => $ffi_keyword_denylist],
['id' => $contact_id, 'uid' => local_user()]
);
@ -613,7 +613,7 @@ class Contact extends BaseModule
'$hidden' => ['hidden', DI::l10n()->t('Hide this contact from others'), ($contact['hidden'] == 1), DI::l10n()->t('Replies/likes to your public posts <strong>may</strong> still be visible')],
'$notify' => ['notify', DI::l10n()->t('Notification for new posts'), ($contact['notify_new_posts'] == 1), DI::l10n()->t('Send a notification of every new post of this contact')],
'$fetch_further_information' => $fetch_further_information,
'$ffi_keyword_blacklist' => ['ffi_keyword_blacklist', DI::l10n()->t('Blacklisted keywords'), $contact['ffi_keyword_blacklist'], DI::l10n()->t('Comma separated list of keywords that should not be converted to hashtags, when "Fetch information and keywords" is selected')],
'$ffi_keyword_denylist' => ['ffi_keyword_denylist', DI::l10n()->t('Keyword Deny List'), $contact['ffi_keyword_denylist'], DI::l10n()->t('Comma separated list of keywords that should not be converted to hashtags, when "Fetch information and keywords" is selected')],
'$photo' => $contact['photo'],
'$name' => $contact['name'],
'$dir_icon' => $dir_icon,

6
src/Protocol/Feed.php

@ -468,8 +468,8 @@ class Feed {
// We always strip the title since it will be added in the page information
$item["title"] = "";
$item["body"] = $item["body"] . add_page_info($item["plink"], false, $preview, ($contact["fetch_further_information"] == 2), $contact["ffi_keyword_blacklist"]);
$taglist = get_page_keywords($item["plink"], $preview, ($contact["fetch_further_information"] == 2), $contact["ffi_keyword_blacklist"]);
$item["body"] = $item["body"] . add_page_info($item["plink"], false, $preview, ($contact["fetch_further_information"] == 2), $contact["ffi_keyword_denylist"]);
$taglist = get_page_keywords($item["plink"], $preview, ($contact["fetch_further_information"] == 2), $contact["ffi_keyword_denylist"]);
$item["object-type"] = Activity\ObjectType::BOOKMARK;
unset($item["attach"]);
} else {
@ -479,7 +479,7 @@ class Feed {
if (!empty($contact["fetch_further_information"]) && ($contact["fetch_further_information"] == 3)) {
if (empty($taglist)) {
$taglist = get_page_keywords($item["plink"], $preview, true, $contact["ffi_keyword_blacklist"]);
$taglist = get_page_keywords($item["plink"], $preview, true, $contact["ffi_keyword_denylist"]);
}
$item["body"] .= "\n" . self::tagToString($taglist);
} else {

4
static/dbstructure.config.php

@ -54,7 +54,7 @@
use Friendica\Database\DBA;
if (!defined('DB_UPDATE_VERSION')) {
define('DB_UPDATE_VERSION', 1353);
define('DB_UPDATE_VERSION', 1354);
}
return [
@ -181,7 +181,7 @@ return [
"bd" => ["type" => "date", "not null" => "1", "default" => DBA::NULL_DATE, "comment" => ""],
"notify_new_posts" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => ""],
"fetch_further_information" => ["type" => "tinyint unsigned", "not null" => "1", "default" => "0", "comment" => ""],
"ffi_keyword_blacklist" => ["type" => "text", "comment" => ""],
"ffi_keyword_denylist" => ["type" => "text", "comment" => ""],
],
"indexes" => [
"PRIMARY" => ["id"],

2
static/dbview.config.php

@ -145,7 +145,7 @@ return [
"bd" => ["contact", "bd"],
"notify_new_posts" => ["contact", "notify_new_posts"],
"fetch_further_information" => ["contact", "fetch_further_information"],
"ffi_keyword_blacklist" => ["contact", "ffi_keyword_blacklist"],
"ffi_keyword_denylist" => ["contact", "ffi_keyword_denylist"],
"parent-uid" => ["user", "parent-uid"],
"guid" => ["user", "guid"],
"nickname" => ["user", "nickname"], /// @todo Replaces all uses of "nickname" with "nick"

6
static/defaults.config.php

@ -143,9 +143,9 @@ return [
// Watchlist of indexes to watch.
'db_log_index_watch' => '',
// db_log_index_blacklist (Comma-separated list)
// Blacklist of indexes that shouldn't be watched.
'db_log_index_blacklist' => '',
// db_log_index_denylist (Comma-separated list)
// Deny list of indexes that shouldn't be watched.
'db_log_index_denylist' => '',
// db_loglimit (Integer)
// If a database call lasts longer than this value in seconds it is logged.

11
update.php

@ -45,6 +45,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Update;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Database\DBStructure;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
@ -508,3 +509,13 @@ function update_1351()
return Update::SUCCESS;
}
function pre_update_1354()
{
if(DBStructure::existsColumn('contact', 'ffi_keyword_blacklist')
&& !DBA::e("ALTER TABLE `contact` CHANGE `ffi_keyword_blacklist` `ffi_keyword_denylist` text null")) {
return Update::FAILED;
}
return Update::SUCCESS;
}

2
view/templates/contact_edit.tpl

@ -67,7 +67,7 @@
{{include file="field_checkbox.tpl" field=$notify}}
{{if $fetch_further_information}}
{{include file="field_select.tpl" field=$fetch_further_information}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_blacklist}} {{/if}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_denylist}} {{/if}}
{{/if}}
{{include file="field_checkbox.tpl" field=$hidden}}

2
view/theme/frio/templates/contact_edit.tpl

@ -132,7 +132,7 @@
{{include file="field_checkbox.tpl" field=$notify}}
{{if $fetch_further_information}}
{{include file="field_select.tpl" field=$fetch_further_information}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_blacklist}} {{/if}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_denylist}} {{/if}}
{{/if}}
{{include file="field_checkbox.tpl" field=$hidden}}

2
view/theme/vier/templates/contact_edit.tpl

@ -68,7 +68,7 @@
{{include file="field_checkbox.tpl" field=$notify}}
{{if $fetch_further_information}}
{{include file="field_select.tpl" field=$fetch_further_information}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_blacklist}} {{/if}}
{{if $fetch_further_information.2 == 2 || $fetch_further_information.2 == 3}} {{include file="field_textarea.tpl" field=$ffi_keyword_denylist}} {{/if}}
{{/if}}
{{include file="field_checkbox.tpl" field=$hidden}}

Loading…
Cancel
Save