HCoop / hcoop / portal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a976bf7)
join: support for blocking spam domains
authorClinton Ebadi <clinton@unknownlamer.org>
Tue, 3 Apr 2018 00:28:39 +0000 (20:28 -0400)
committerClinton Ebadi <clinton@unknownlamer.org>
Tue, 3 Apr 2018 00:28:39 +0000 (20:28 -0400)
deny applications from list of domains by marking the email address
invalid. prevents trivial attack.

app/app.sml patch | blob | blame | history
config.sig patch | blob | blame | history
config.sml patch | blob | blame | history

diff --git a/app/app.sml b/app/app.sml
index d59a627..ec3efcf 100644 (file)
--- a/app/app.sml
+++ b/app/app.sml
@@ -171,9 +171,9 @@ fun validEmailUser s =
                                               (String.explode s)
 
 fun validEmail s =
-    (case String.fields (fn ch => ch = #"@") s of
-        [user, host] => validEmailUser user andalso validDomain host
-       | _ => false)
+       case String.fields (fn ch => ch = #"@") s of
+           [user, host] => validEmailUser user andalso validDomain host andalso not (List.exists (fn x => x = host) Config.joinBannedEmailDomains)
+         | _ => false
 
 fun userExists name =
     case C.oneOrNoRows (getDb ()) ($`SELECT id FROM WebUser WHERE name = ^(C.stringToSql name)`) of
diff --git a/config.sig b/config.sig
index 66dd016..018b9f4 100644 (file)
--- a/config.sig
+++ b/config.sig
@@ -10,4 +10,9 @@ val passgenDbstring : string
 val statsRoot : string
 val staticFilesRoot : string
 
+val joinBannedEmailDomains : string list
+(* domains that may not be used in member applications, really
+rudimentary spam filtering for some persistent spammers that use the
+same two domains. *)
+
 end
diff --git a/config.sml b/config.sml
index 2af252f..4041216 100644 (file)
--- a/config.sml
+++ b/config.sml
@@ -14,4 +14,6 @@ val passgenDbstring = "dbname='hcoop_passgen' user='hcoop' host='postgres' port=
 val statsRoot = "/afs/hcoop.net/user/h/hc/hcoop/portal-tools/etc/stats/"
 val staticFilesRoot = "/afs/hcoop.net/user/h/hc/hcoop/portal-tools/etc/static/"
 
+val joinBannedEmailDomains = [ "163.com", "yeah.net"]
+
 end
Unnamed repository; edit this file 'description' to name the repository.