From 87d02f364f6f2efda0ce3f5588776f7e3a53875c Mon Sep 17 00:00:00 2001 From: Matthew Grotke Date: Wed, 10 Jun 2026 23:34:36 -0400 Subject: [PATCH] Development --- docker/routlin-dash/app/factory.py | 2 +- docker/routlin-dash/app/sanitize.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/routlin-dash/app/factory.py b/docker/routlin-dash/app/factory.py index c11488c..f2f0b32 100644 --- a/docker/routlin-dash/app/factory.py +++ b/docker/routlin-dash/app/factory.py @@ -203,7 +203,7 @@ function _checkLine(s){ if(validation&8192){t=_acc(function(){if(!s)return _par('');var slash=s.indexOf('/');if(slash===-1){var rv=_ipv4(s);if(rv==='ok'){var lo=parseInt(s.split('.')[3],10);return lo===0?_par(''):_ok();}return(rv==='partial'||rv==='empty')?_par(''):(rv==='badchar'?_err('Invalid character'):rv==='badrange'?_err('Octet out of range'):_err('Invalid format'));}var rv=_ipv4(s.slice(0,slash));if(rv!=='ok')return rv==='badchar'?_err('Invalid character'):rv==='badrange'?_err('Octet out of range'):_par('');var pfx=s.slice(slash+1);if(!pfx)return _par('');if(/[^0-9]/.test(pfx))return _err('Invalid character');var n=parseInt(pfx,10);if(n<0||n>32)return _err('Prefix must be 0-32');var ip=s.slice(0,slash).split('.').map(Number);var ipN=((ip[0]<<24)|(ip[1]<<16)|(ip[2]<<8)|ip[3])>>>0;var mB=n===0?0:((0xFFFFFFFF<<(32-n))>>>0);return((ipN&(~mB>>>0))!==0)?_err('Host bits must be zero'):_ok();}());if(t)return t;} if(validation&16384){t=_acc(function(){if(!s)return _par('');var rv=_ipv4(s);if(rv!=='ok')return _par('');if(!collisions||!collisions.length)return _ok();var ip=s.split('.').map(Number);var ipN=((ip[0]<<24)|(ip[1]<<16)|(ip[2]<<8)|ip[3])>>>0;for(var i=0;i>>0;var pfx=parseInt(sp[1],10);var mB=pfx===0?0:((0xFFFFFFFF<<(32-pfx))>>>0);if((ipN&mB)===(netN&mB))return _err('IP is on a restricted VLAN');}return _ok();}());if(t)return t;} if(validation&32768){t=_acc(function(){if(!s)return _par('');if(/^[0-9.]+$/.test(s)){var rv=_ipv4(s);return rv==='ok'?_ok():(rv==='partial'||rv==='empty')?_par(''):_err('Invalid character');}if(s.indexOf(':')!==-1){var cc=(s.match(/:/g)||[]).length;if(cc>1){if(/:::/.test(s)||(s.match(/::/g)||[]).length>1)return _err('Invalid hostname or IP');if(/[^0-9a-fA-F:.]/.test(s))return _err('Invalid character');var col=s.replace(/[^:]/g,'').length;return(s.indexOf('::')!==-1||col===7)?_ok():_par('');}return _checkDomain(s.slice(0,s.lastIndexOf(':')));}return _checkDomain(s);}());if(t)return t;} - if(validation&65536){t=_acc(function(){if(!s)return _par('');if(/^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$/.test(s))return _ok();var ai=s.indexOf('@');if(ai<=0)return _par('');var local=s.slice(0,ai);if(!/^[a-zA-Z0-9._%+\-]+$/.test(local))return _err('Invalid email address');var dom=s.slice(ai+1);if(!dom||dom.indexOf('.')===-1||dom[dom.length-1]==='.')return _par('');return _err('Invalid email address');}());if(t)return t;} + if(validation&65536){t=_acc(function(){if(!s)return _par('');if(/[^a-zA-Z0-9._+\-@]/.test(s))return _err('Invalid email address');if(/^[a-zA-Z0-9._+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$/.test(s))return _ok();var ai=s.indexOf('@');if(ai<=0)return _par('');var dom=s.slice(ai+1);if(!dom||dom.indexOf('.')===-1||dom[dom.length-1]==='.')return _par('');return _err('Invalid email address');}());if(t)return t;} return anyPartial?_par(''):_err(firstMsg||'Invalid'); } var lines=value.split('\n'),hasPartial=false,seen={},hasContent=false; diff --git a/docker/routlin-dash/app/sanitize.py b/docker/routlin-dash/app/sanitize.py index 006d2cf..2a66e96 100644 --- a/docker/routlin-dash/app/sanitize.py +++ b/docker/routlin-dash/app/sanitize.py @@ -201,7 +201,7 @@ def time_24h(value, max_len=5): def email(value, max_len=254): """Email address: strict format check. Returns lowercased address or empty string.""" s = str(value).strip().lower()[:max_len] - if re.fullmatch(r'[a-z0-9._%+\-]+@[a-z0-9.\-]+\.[a-z]{2,}', s): + if re.fullmatch(r'[a-z0-9._+\-]+@[a-z0-9.\-]+\.[a-z]{2,}', s): return s return ''