Continued:

- don't link to invalid domain names, if invalid a HTTPException is raised

diff --git a/api.py b/api.py
index b2079c4f7ba3eee9feb8df78ec812299671621f3..bd5478891195ea01bf2d26cdf167a30c170d6266 100644 (file)
--- a/api.py
+++ b/api.py
@@ -25,6 +25,8 @@ import fastapi
 import uvicorn
 import requests
 import re
+import validators
+
 from fba import *
 
 router = fastapi.FastAPI(docs_url=config.get("base_url") + "/docs", redoc_url=config.get("base_url") + "/redoc")
@@ -191,10 +193,16 @@ def index(request: Request, domain: str = None, reason: str = None, reverse: str
     blocks = None
 
     if domain != None:
+        if not validators.domain(domain):
+            raise HTTPException(status_code=500, detail="Invalid domain")
+
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?domain={domain}")
     elif reason != None:
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?reason={reason}")
     elif reverse != None:
+        if not validators.domain(reverse):
+            raise HTTPException(status_code=500, detail="Invalid domain")
+
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?reverse={reverse}")
 
     if blocks != None:

diff --git a/templates/index.html b/templates/index.html
index f5f73ad6ae5a56ac21b197b1a577e447b1661a8e..a8a4d76eeb0dc3ab5808ab8c9b8b3e93f3da942f 100644 (file)
--- a/templates/index.html
+++ b/templates/index.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <head>
-    <title>fedi-block-api{% if domain %} {{domain}}{% endif %}</title>
+    <title>fedi-block-api{% if domain %} - Instances that block {{domain}}{% elif reverse %} - Instances that are blocked by {{reverse}}{% endif %}</title>
     <link rel="alternate" type="application/rss+xml" title="RSS Feed for latest blocked instances" href="{{base_url}}/rss" />
     {% if domain %}
     <link rel="alternate" type="application/rss+xml" title="RSS Feed for blocked domain {{domain}}" href="{{base_url}}/rss?domain={{domain}}" />
@@ -16,8 +16,7 @@
         }
         .block_level {
             background-color: #1c1c3c;
-            width: 80em;
-            padding: 5px;
+            width: 100%;
             margin: auto;
             margin-top: 10px;
         }

diff --git a/templates/scoreboard.html b/templates/scoreboard.html
index 19e3f772e730215ee87000c554f5e0ebfbf9a57b..cab33ad6767a1c20ce4a46a6cab1a29c83bc6157 100644 (file)
--- a/templates/scoreboard.html
+++ b/templates/scoreboard.html
@@ -11,8 +11,7 @@
         }
         .block_level {
             background-color: #1c1c3c;
-            width: 80em;
-            padding: 5px;
+            width: 100%;
             margin: auto;
             margin-top: 10px;
         }