diff --git a/bin/submit_paste.py b/bin/submit_paste.py index 32367dd1..49c8e1f0 100755 --- a/bin/submit_paste.py +++ b/bin/submit_paste.py @@ -156,7 +156,7 @@ if __name__ == "__main__": expire_time = 120 MAX_FILE_SIZE = 1000000000 - ALLOWED_EXTENSIONS = 'txt' + ALLOWED_EXTENSIONS = ['txt', 'sh', 'pdf'] config_section = 'submit_paste' p = Process(config_section) @@ -215,7 +215,7 @@ if __name__ == "__main__": file_type = filename.rsplit('.', 1)[1] #txt file - if file_type == 'txt': + if file_type in ALLOWED_EXTENSIONS: with open(file_full_path,'r') as f: content = f.read() r_serv_log_submit.set(uuid + ':nb_total', 1) diff --git a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py index 1e7f05d4..34e8c458 100644 --- a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py +++ b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py @@ -56,7 +56,7 @@ PasteSubmit = Blueprint('PasteSubmit', __name__, template_folder='templates') valid_filename_chars = "-_ %s%s" % (string.ascii_letters, string.digits) -ALLOWED_EXTENSIONS = set(['txt', 'zip', 'gz', 'tar.gz']) +ALLOWED_EXTENSIONS = set(['txt', 'sh', 'pdf', 'zip', 'gz', 'tar.gz']) UPLOAD_FOLDER = Flask_config.UPLOAD_FOLDER misp_event_url = Flask_config.misp_event_url @@ -297,8 +297,8 @@ def submit(): if ltags or ltagsgalaxies: if not addTagsVerification(ltags, ltagsgalaxies): - content = {'INVALID TAGS'} - return content, status.HTTP_400_BAD_REQUEST + content = 'INVALID TAGS' + return content, 400 # add submitted tags if(ltags != ''): @@ -345,8 +345,8 @@ def submit(): UUID = UUID) else: - content = {'wrong file type'} - return content, status.HTTP_400_BAD_REQUEST + content = 'wrong file type, allowed_extensions: sh, pdf, zip, gz, tar.gz or remove the extension' + return content, 400 elif paste_content != '': @@ -365,11 +365,11 @@ def submit(): UUID = UUID) else: - content = {'size error'} - return content, status.HTTP_400_BAD_REQUEST + content = 'size error' + return content, 400 - content = {'submit aborded'} - return content, status.HTTP_400_BAD_REQUEST + content = 'submit aborded' + return content, 400 return PasteSubmit_page() diff --git a/var/www/modules/PasteSubmit/templates/PasteSubmit.html b/var/www/modules/PasteSubmit/templates/PasteSubmit.html index 4ccdcf52..ce1fb29f 100644 --- a/var/www/modules/PasteSubmit/templates/PasteSubmit.html +++ b/var/www/modules/PasteSubmit/templates/PasteSubmit.html @@ -42,7 +42,7 @@