[core,utils] Support unpublicised `--no-check-extensions`
This commit is contained in:
parent
e3a9ce0097
commit
a4ffbc78fe
|
@ -21,6 +21,7 @@ from .compat import (
|
||||||
workaround_optparse_bug9161,
|
workaround_optparse_bug9161,
|
||||||
)
|
)
|
||||||
from .utils import (
|
from .utils import (
|
||||||
|
_UnsafeExtensionError,
|
||||||
DateRange,
|
DateRange,
|
||||||
decodeOption,
|
decodeOption,
|
||||||
DEFAULT_OUTTMPL,
|
DEFAULT_OUTTMPL,
|
||||||
|
@ -173,6 +174,9 @@ def _real_main(argv=None):
|
||||||
if opts.ap_mso and opts.ap_mso not in MSO_INFO:
|
if opts.ap_mso and opts.ap_mso not in MSO_INFO:
|
||||||
parser.error('Unsupported TV Provider, use --ap-list-mso to get a list of supported TV Providers')
|
parser.error('Unsupported TV Provider, use --ap-list-mso to get a list of supported TV Providers')
|
||||||
|
|
||||||
|
if opts.no_check_extensions:
|
||||||
|
_UnsafeExtensionError.lenient = True
|
||||||
|
|
||||||
def parse_retries(retries):
|
def parse_retries(retries):
|
||||||
if retries in ('inf', 'infinite'):
|
if retries in ('inf', 'infinite'):
|
||||||
parsed_retries = float('inf')
|
parsed_retries = float('inf')
|
||||||
|
|
|
@ -533,6 +533,10 @@ def parseOpts(overrideArguments=None):
|
||||||
'--no-check-certificate',
|
'--no-check-certificate',
|
||||||
action='store_true', dest='no_check_certificate', default=False,
|
action='store_true', dest='no_check_certificate', default=False,
|
||||||
help='Suppress HTTPS certificate validation')
|
help='Suppress HTTPS certificate validation')
|
||||||
|
workarounds.add_option(
|
||||||
|
'--no-check-extensions',
|
||||||
|
action='store_true', dest='no_check_extensions', default=False,
|
||||||
|
help='Suppress file extension validation')
|
||||||
workarounds.add_option(
|
workarounds.add_option(
|
||||||
'--prefer-insecure',
|
'--prefer-insecure',
|
||||||
'--prefer-unsecure', action='store_true', dest='prefer_insecure',
|
'--prefer-unsecure', action='store_true', dest='prefer_insecure',
|
||||||
|
|
|
@ -6587,7 +6587,6 @@ KNOWN_EXTENSIONS = (
|
||||||
class _UnsafeExtensionError(Exception):
|
class _UnsafeExtensionError(Exception):
|
||||||
"""
|
"""
|
||||||
Mitigation exception for unwanted file overwrite/path traversal
|
Mitigation exception for unwanted file overwrite/path traversal
|
||||||
This should be caught in YoutubeDL.py with a warning
|
|
||||||
|
|
||||||
Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j
|
Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j
|
||||||
"""
|
"""
|
||||||
|
@ -6666,6 +6665,9 @@ class _UnsafeExtensionError(Exception):
|
||||||
super(_UnsafeExtensionError, self).__init__('unsafe file extension: {0!r}'.format(extension))
|
super(_UnsafeExtensionError, self).__init__('unsafe file extension: {0!r}'.format(extension))
|
||||||
self.extension = extension
|
self.extension = extension
|
||||||
|
|
||||||
|
# support --no-check-extensions
|
||||||
|
lenient = False
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def sanitize_extension(cls, extension, **kwargs):
|
def sanitize_extension(cls, extension, **kwargs):
|
||||||
# ... /, *, prepend=False
|
# ... /, *, prepend=False
|
||||||
|
@ -6678,7 +6680,7 @@ class _UnsafeExtensionError(Exception):
|
||||||
last = extension.rpartition('.')[-1]
|
last = extension.rpartition('.')[-1]
|
||||||
if last == 'bin':
|
if last == 'bin':
|
||||||
extension = last = 'unknown_video'
|
extension = last = 'unknown_video'
|
||||||
if last.lower() not in cls._ALLOWED_EXTENSIONS:
|
if not (cls.lenient or last.lower() in cls._ALLOWED_EXTENSIONS):
|
||||||
raise cls(extension)
|
raise cls(extension)
|
||||||
|
|
||||||
return extension
|
return extension
|
||||||
|
|
Loading…
Reference in New Issue