Add domain blocklist
elceef committed Jul 5, 2024
1 parent bac63ed commit d7d608d
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions webapp/webapp.py
Expand Up @@ -36,6 +36,8 @@
WEBAPP_HTML = os.environ.get('WEBAPP_HTML', 'webapp.html')
WEBAPP_DIR = os.environ.get('WEBAPP_DIR', os.path.dirname(os.path.abspath(__file__)))

DOMAIN_BLOCKLIST = []

DICTIONARY = ('auth', 'account', 'confirm', 'connect', 'enroll', 'http', 'https', 'info', 'login', 'mail', 'my',
'online', 'payment', 'portal', 'recovery', 'register', 'ssl', 'safe', 'secure', 'signin', 'signup', 'support',
'update', 'user', 'verify', 'verification', 'web', 'www')
Expand Down Expand Up @@ -137,6 +139,9 @@ def api_scan():
return jsonify({'message': 'Bad request'}), 400
if len(domain) > DOMAIN_MAXLEN:
return jsonify({'message': 'Domain name is too long'}), 400
for block in DOMAIN_BLOCKLIST:
if str(block) in domain:
return jsonify({'message': 'Not allowed'}), 400
try:
session = Session(j.get('url'), nameservers=NAMESERVERS)
except Exception as err:
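Review bot: The blocklist test added to api_scan, `if str(block) in domain:`, is a case-sensitive substring match, so an entry also refuses unrelated names that merely contain it, and a differently cased request would slip past unless `domain` is already lower-cased upstream (its derivation, like the start and end of api_scan, is outside the hunk). Matching on label boundaries after normalising is tighter, e.g. `d = domain.lower().rstrip('.')` and `if d == b or d.endswith('.' + b):` with `b = str(block).lower()`, adjusted to whatever form `domain` actually has at this point. The check runs on `domain` while the scan is started from `j.get('url')`, so it is worth confirming that both refer to the same normalised name. In the first hunk `DOMAIN_BLOCKLIST = []` is hard-coded empty, unlike the neighbouring settings read from `os.environ`; a comment such as `# names refused by /api/scans; lower-case, no trailing dot` would tell operators what entries are expected.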
