add website input

2014-05-26 18:47:49 +02:00 · 2014-05-26 18:47:49 +02:00 · 5b0ce6471a
commit 5b0ce6471a
parent 8cf9ea348e
4 changed files with 37 additions and 2 deletions
--- a/isso/js/app/i18n/en.js
+++ b/isso/js/app/i18n/en.js
@ -2,6 +2,7 @@ define({
    "postbox-text": "Type Comment Here (at least 3 chars)",
    "postbox-author": "Name (optional)",
    "postbox-email": "E-mail (optional)",
+    "postbox-website": "Website (optional)",
    "postbox-submit": "Submit",

    "num-comments": "One Comment\n{{ n }} Comments",
--- a/isso/js/app/isso.js
+++ b/isso/js/app/isso.js
@ -64,11 +64,13 @@ define(["app/dom", "app/utils", "app/config", "app/api", "app/jade", "app/i18n",
            api.create($("#isso-thread").getAttribute("data-isso-id"), {
                author: $("[name=author]", el).value || null,
                email: $("[name=email]", el).value || null,
+                website: $("[name=website]", el).value || null,
                text: utils.text($(".textarea", el).innerHTML),
                parent: parent || null
            }).then(function(comment) {
                $("[name=author]", el).value = "";
                $("[name=email]", el).value = "";
+                $("[name=website]", el).value = "";
                $(".textarea", el).innerHTML = "";
                $(".textarea", el).blur();
                insert(comment, true);
--- a/isso/js/app/text/postbox.jade
+++ b/isso/js/app/text/postbox.jade
@ -11,5 +11,7 @@ div(class='postbox')
                input(type='text' name='author' placeholder=i18n('postbox-author'))
            p(class='input-wrapper')
                input(type='email' name='email' placeholder=i18n('postbox-email'))
+            p(class='input-wrapper')
+                input(type='text' name='website' placeholder=i18n('postbox-website'))
            p(class='post-action')
                input(type='submit' value=i18n('postbox-submit'))
--- a/isso/views/comments.py
+++ b/isso/views/comments.py
@ -1,7 +1,7 @@
 # -*- encoding: utf-8 -*-

+import re
 import cgi
-import json
 import time
 import hashlib
 import functools
@ -22,6 +22,27 @@ from isso.utils import http, parse, JSONResponse as JSON
 from isso.utils.crypto import pbkdf2
 from isso.views import requires

+# from Django appearently, looks good to me *duck*
+__url_re = re.compile(
+    r'^'
+    r'(https?://)?'
+    r'(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|'  # domain...
+    r'localhost|'  # localhost...
+    r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})'  # ...or ip
+    r'(?::\d+)?'  # optional port
+    r'(?:/?|[/?]\S+)'
+    r'$', re.IGNORECASE)
+
+
+def isurl(text):
+    return __url_re.match(text) is not None
+
+
+def normalize(url):
+    if not url.startswith(("http://", "https://")):
+        return "http://" + url
+    return url
+

 def sha1(text):
    return hashlib.sha1(text.encode('utf-8')).hexdigest()
@ -111,6 +132,12 @@ class API(object):
        if len(comment.get("email") or "") > 254:
            return False, "http://tools.ietf.org/html/rfc5321#section-4.5.3"

+        if comment.get("website"):
+            if len(comment["website"]) > 254:
+                return False, "arbitrary length limit"
+            if not isurl(comment["website"]):
+                return False, "Website not Django-conform"
+
        return True, ""

    @xhr
@ -129,10 +156,13 @@ class API(object):
        if not valid:
            return BadRequest(reason)

-        for field in ("author", "email"):
+        for field in ("author", "email", "website"):
            if data.get(field) is not None:
                data[field] = cgi.escape(data[field])

+        if data.get("website"):
+            data["website"] = normalize(data["website"])
+
        data['mode'] = 2 if self.moderated else 1
        data['remote_addr'] = utils.anonymize(str(request.remote_addr))