From 84b8939569b78147250aca61f4261358971738cd Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Wed, 7 Jun 2023 00:21:02 +0200
Subject: [PATCH] Continued: - don't link to invalid domain names, if invalid a
 HTTPException is raised

---
 api.py                    | 8 ++++++++
 templates/index.html      | 5 ++---
 templates/scoreboard.html | 3 +--
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/api.py b/api.py
index b2079c4..bd54788 100644
--- a/api.py
+++ b/api.py
@@ -25,6 +25,8 @@ import fastapi
 import uvicorn
 import requests
 import re
+import validators
+
 from fba import *
 
 router = fastapi.FastAPI(docs_url=config.get("base_url") + "/docs", redoc_url=config.get("base_url") + "/redoc")
@@ -191,10 +193,16 @@ def index(request: Request, domain: str = None, reason: str = None, reverse: str
     blocks = None
 
     if domain != None:
+        if not validators.domain(domain):
+            raise HTTPException(status_code=500, detail="Invalid domain")
+
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?domain={domain}")
     elif reason != None:
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?reason={reason}")
     elif reverse != None:
+        if not validators.domain(reverse):
+            raise HTTPException(status_code=500, detail="Invalid domain")
+
         blocks = requests.get(f"http://{config.get('host')}:{config.get('port')}{config.get('base_url')}/api/index.json?reverse={reverse}")
 
     if blocks != None:
diff --git a/templates/index.html b/templates/index.html
index f5f73ad..a8a4d76 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <head>
-    <title>fedi-block-api{% if domain %} {{domain}}{% endif %}</title>
+    <title>fedi-block-api{% if domain %} - Instances that block {{domain}}{% elif reverse %} - Instances that are blocked by {{reverse}}{% endif %}</title>
     <link rel="alternate" type="application/rss+xml" title="RSS Feed for latest blocked instances" href="{{base_url}}/rss" />
     {% if domain %}
     <link rel="alternate" type="application/rss+xml" title="RSS Feed for blocked domain {{domain}}" href="{{base_url}}/rss?domain={{domain}}" />
@@ -16,8 +16,7 @@
         }
         .block_level {
             background-color: #1c1c3c;
-            width: 80em;
-            padding: 5px;
+            width: 100%;
             margin: auto;
             margin-top: 10px;
         }
diff --git a/templates/scoreboard.html b/templates/scoreboard.html
index 19e3f77..cab33ad 100644
--- a/templates/scoreboard.html
+++ b/templates/scoreboard.html
@@ -11,8 +11,7 @@
         }
         .block_level {
             background-color: #1c1c3c;
-            width: 80em;
-            padding: 5px;
+            width: 100%;
             margin: auto;
             margin-top: 10px;
         }
-- 
2.39.2