add website input

isso/js/app/i18n/en.js

@@ -2,6 +2,7 @@ define({
     "postbox-text": "Type Comment Here (at least 3 chars)",
     "postbox-author": "Name (optional)",
     "postbox-email": "E-mail (optional)",
+    "postbox-website": "Website (optional)",
     "postbox-submit": "Submit",
 
     "num-comments": "One Comment\n{{ n }} Comments",

isso/js/app/isso.js

@@ -64,11 +64,13 @@ define(["app/dom", "app/utils", "app/config", "app/api", "app/jade", "app/i18n",
             api.create($("#isso-thread").getAttribute("data-isso-id"), {
                 author: $("[name=author]", el).value || null,
                 email: $("[name=email]", el).value || null,
+                website: $("[name=website]", el).value || null,
                 text: utils.text($(".textarea", el).innerHTML),
                 parent: parent || null
             }).then(function(comment) {
                 $("[name=author]", el).value = "";
                 $("[name=email]", el).value = "";
+                $("[name=website]", el).value = "";
                 $(".textarea", el).innerHTML = "";
                 $(".textarea", el).blur();
                 insert(comment, true);

isso/js/app/text/postbox.jade

@@ -11,5 +11,7 @@ div(class='postbox')
                 input(type='text' name='author' placeholder=i18n('postbox-author'))
             p(class='input-wrapper')
                 input(type='email' name='email' placeholder=i18n('postbox-email'))
+            p(class='input-wrapper')
+                input(type='text' name='website' placeholder=i18n('postbox-website'))
             p(class='post-action')
                 input(type='submit' value=i18n('postbox-submit'))

isso/views/comments.py

@@ -1,7 +1,7 @@
 # -*- encoding: utf-8 -*-
 
+import re
 import cgi
-import json
 import time
 import hashlib
 import functools
@@ -22,6 +22,27 @@ from isso.utils import http, parse, JSONResponse as JSON
 from isso.utils.crypto import pbkdf2
 from isso.views import requires
 
+# from Django appearently, looks good to me *duck*
+__url_re = re.compile(
+    r'^'
+    r'(https?://)?'
+    r'(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|'  # domain...
+    r'localhost|'  # localhost...
+    r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})'  # ...or ip
+    r'(?::\d+)?'  # optional port
+    r'(?:/?|[/?]\S+)'
+    r'$', re.IGNORECASE)
+
+
+def isurl(text):
+    return __url_re.match(text) is not None
+
+
+def normalize(url):
+    if not url.startswith(("http://", "https://")):
+        return "http://" + url
+    return url
+
 
 def sha1(text):
     return hashlib.sha1(text.encode('utf-8')).hexdigest()
@@ -111,6 +132,12 @@ class API(object):
         if len(comment.get("email") or "") > 254:
             return False, "http://tools.ietf.org/html/rfc5321#section-4.5.3"
 
+        if comment.get("website"):
+            if len(comment["website"]) > 254:
+                return False, "arbitrary length limit"
+            if not isurl(comment["website"]):
+                return False, "Website not Django-conform"
+
         return True, ""
 
     @xhr
@@ -129,10 +156,13 @@ class API(object):
         if not valid:
             return BadRequest(reason)
 
-        for field in ("author", "email"):
+        for field in ("author", "email", "website"):
             if data.get(field) is not None:
                 data[field] = cgi.escape(data[field])
 
+        if data.get("website"):
+            data["website"] = normalize(data["website"])
+
         data['mode'] = 2 if self.moderated else 1
         data['remote_addr'] = utils.anonymize(str(request.remote_addr))