forked from linsyking/CanvasHelper2
-
Notifications
You must be signed in to change notification settings - Fork 1
/
local_func.py
43 lines (34 loc) · 1.15 KB
/
local_func.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
import os
from os import path
from global_config import ALLOWED_EXTENSION
# INFO: Safety check for file
def check_file(filename):
base_path = "/public/res/"
full_path = path.normpath(path.join(base_path,
filename)).replace("\\", "/")
if ("." not in filename
or filename.rsplit(".", 1)[1].lower() not in ALLOWED_EXTENSION):
return "Illegal"
if not full_path.startswith(base_path):
return "Illegal"
else:
return filename
# XSS protection
def htmlspecialchars(text):
return (text.replace("&", "&").replace('"', """).replace(
"<", "<").replace(">", ">"))
# Make sure all folders exist:
# |-- canvas/
# | |-- .secret // Automatically generated
def init_conf_path():
if not os.path.exists("canvas"):
os.mkdir("canvas")
print("No canvas folder found. Created one.")
# Format url into https://example.com/
def url_format(url):
if url.find("http://") == -1 and url.find("https://") == -1:
# Invalid protocal
url = "https://" + url
if not url.endswith("/"):
url = url + "/"
return url