Stop requiring \\. for Config.whitelist

PS already does other post-processing for the Config whitelist to make sure it's matching a domain name, so also making it no longer require escaping is useful.
DylanSp · Aug 15, 2020 · 54343a9 · 54343a9
1 parent 6b02032
commit 54343a9
Show file tree

Hide file tree

Showing 2 changed files with 108 additions and 97 deletions.
diff --git a/config/config-example.js b/config/config-example.js
@@ -6,115 +6,126 @@ Config.bannedHosts = ['cool.jit.su', 'pokeball-nixonserver.rhcloud.com'];
 
 Config.whitelist = [
 	// general sites
-	'wikipedia\\.org',
-	'wikimedia\\.org',
-	'wiktionary\\.org',
-	'github\\.com',
-	'reddit\\.com',
-	'gamefaqs\\.com',
-	'facebook\\.com',
-	'fbcdn\\.net',
-	'twitter\\.com',
-	'deviantart\\.com',
-	'youtube\\.com',
-	'youtu\\.be',
-	'zombo\\.com',
-	'strawpoll\\.me',
-	'twitch\\.tv',
-	'take-a-screenshot\\.org',
-	'myanimelist\\.net',
-	'4chan\\.org',
-	'tumblr\\.com',
-	'git\\.io',
-	'mibbit\\.com',
-	'codecademy\\.com',
-	'xkcd\\.com',
-	'stackoverflow\\.com',
-	'stackexchange\\.com',
-	'malwarebytes\\.org',
-	'animenewsnetwork\\.com',
-	'animenewsnetwork\\.cc',
-	'zombo\\.com',
-	'html5zombo\\.com',
+	'wikipedia.org',
+	'wikimedia.org',
+	'wiktionary.org',
+	'github.com',
+	'reddit.com',
+	'gamefaqs.com',
+	'facebook.com',
+	'fbcdn.net',
+	'twitter.com',
+	'tumblr.com',
+	'deviantart.com',
+	'youtube.com',
+	'youtu.be',
+	'zombo.com',
+	'strawpoll.me',
+	'twitch.tv',
+	'take-a-screenshot.org',
+	'myanimelist.net',
+	'4chan.org',
+	'tumblr.com',
+	'git.io',
+	'mibbit.com',
+	'codecademy.com',
+	'xkcd.com',
+	'stackoverflow.com',
+	'stackexchange.com',
+	'malwarebytes.org',
+	'animenewsnetwork.com',
+	'animenewsnetwork.cc',
+	'zombo.com',
+	'html5zombo.com',
+	'whatismyipaddress.com',
 
 	// pokemon sites
-	'pokemonshowdown\\.com',
-	'psim\\.us',
-	'smogon\\.com',
-	'upokecenter\\.com',
-	'veekun\\.com',
-	'bulbagarden\\.net',
-	'serebii\\.net',
-	'nuggetbridge\\.com',
-	'pokecommunity\\.com',
-	'pokemon-online\\.eu',
-	'pokemonlab\\.com',
-	'shoddybattle\\.com',
-	'pokemonxy\\.com',
-	'pokemon\\.com',
-	'pokemon-gl\\.com',
-	'pokecheck\\.org',
-	'projectpokemon\\.org',
-	'pokemondb\\.net',
-	'pokemoncentral\\.it',
-	'poketrade\\.us',
-	'neverused\\.net',
-	'pokestrat\\.com',
-	'spo\\.ink',
-	'jooas\\.com',
-	'pokemongodb\\.net',
-	'pokeassistant\\.com',
-	'pokemon-sunmoon\\.com',
-	'gamepress\\.gg',
-	'trainertower\\.com',
-	'pokepast\\.es',
+	'pokemonshowdown.com',
+	'psim.us',
+	'smogon.com',
+	'upokecenter.com',
+	'veekun.com',
+	'bulbagarden.net',
+	'serebii.net',
+	'nuggetbridge.com',
+	'pokecommunity.com',
+	'pokemon-online.eu',
+	'pokemonlab.com',
+	'shoddybattle.com',
+	'pokemonxy.com',
+	'pokemon.com',
+	'pokemon-gl.com',
+	'pokecheck.org',
+	'projectpokemon.org',
+	'pokemondb.net',
+	'pokemoncentral.it',
+	'poketrade.us',
+	'neverused.net',
+	'pokestrat.com',
+	'pokestrat.io',
+	'spo.ink',
+	'jooas.com',
+	'pokemongodb.net',
+	'pokeassistant.com',
+	'pokemon-sunmoon.com',
+	'gamepress.gg',
+	'trainertower.com',
+	'pokepast.es',
+	'pokepedia.fr',
+	'randbatscalc.github.io',
+	'ruins-of-alph.github.io',
 
 	// personal sites
-	'breakdown\\.forumotion\\.com',
-	'pokemonmillennium\\.net',
-	'thebattletower\\.no-ip\\.org',
-	'meltsner\\.com',
-	'guangcongluo\\.com',
-	'cathyjf\\.com',
-	'xiaotai\\.org',
-	'xfix\\.pw',
-	'bumba\\.me',
-	'strategydatabase\\.jimdo\\.com',
-	'hidden50\\.github\\.io',
+	'breakdown.forumotion.com',
+	'pokemonmillennium.net',
+	'thebattletower.no-ip.org',
+	'meltsner.com',
+	'guangcongluo.com',
+	'cathyjf.com',
+	'xiaotai.org',
+	'xfix.pw',
+	'pkmn.cc',
+	'bumba.me',
+	'strategydatabase.jimdo.com',
+	'hidden50.github.io',
+	'krisxv.github.io',
 	// personal hosting sites
-	'forumieren\\.com',
-	'soforums\\.com',
-	'proboards\\.com',
-	'weebly\\.com',
-	'freeforums\\.org',
-	'forumactif\\.com',
-	'forumotion\\.com',
-	'bigbangpokemon\\.com',
+	'forumieren.com',
+	'soforums.com',
+	'proboards.com',
+	'weebly.com',
+	'freeforums.org',
+	'forumactif.com',
+	'forumotion.com',
+	'bigbangpokemon.com',
+	'sites.google.com',
 
 	// rich text
-	'docs\\.google\\.com',
+	'docs.google.com',
 
 	// text
-	'pastebin\\.com',
-	'hastebin\\.com',
-	'trello\\.com',
-	'challonge\\.com',
-	'piratepad\\.net',
+	'pastebin.com',
+	'hastebin.com',
+	'pastie.io',
+	'trello.com',
+	'challonge.com',
+	'piratepad.net',
+	'pastebin.run',
 
 	// music
-	'plug\\.dj',
-	'openings\\.moe',
+	'plug.dj',
+	'openings.moe',
 
 	// images
-	'prntscr\\.com',
-	'prnt\\.sc',
-	'puu\\.sh',
-	'd\\.pr',
-	'snag\\.gy',
-	'gyazo\\.com',
-	'imgur\\.com',
-	'gfycat\\.com',
-	'4cdn\\.org'
+	'prntscr.com',
+	'prnt.sc',
+	'puu.sh',
+	'd.pr',
+	'snag.gy',
+	'gyazo.com',
+	'imgur.com',
+	'gfycat.com',
+	'4cdn.org'
 ];
 
 // `defaultserver` specifies the server to use when the domain name in the

diff --git a/src/battle-log.ts b/src/battle-log.ts
@@ -670,7 +670,7 @@ class BattleLog {
 	static interstice = (() => {
 		const whitelist: string[] = Config.whitelist;
 		const patterns = whitelist.map(entry => new RegExp(
-			`^(https?:)?//([A-Za-z0-9-]*\\.)?${entry}(/.*)?`,
+			`^(https?:)?//([A-Za-z0-9-]*\\.)?${entry.replace(/\./g, '\\.')}(/.*)?`,
 		'i'));
 		return {
 			isWhitelisted(uri: string) {