From 6c8557cbea8a731e93325ca2d108228f0a79a1a7 Mon Sep 17 00:00:00 2001 From: Jake Moore Date: Fri, 8 Dec 2023 18:23:12 -0800 Subject: [PATCH] 2.2.0.2 -Fixes DiscordWebhook sanitization of input. Took 7 minutes --- pom.xml | 3 +- .../kamicommon/util/DiscordWebhook.java | 119 ++---------------- 2 files changed, 14 insertions(+), 108 deletions(-) diff --git a/pom.xml b/pom.xml index 08645350..4da97c6d 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ com.kamikazejam kamicommon - 2.2.0.1 + 2.2.0.2 jar KamiCommon @@ -97,6 +97,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 3.6.3 attach-javadocs diff --git a/src/main/java/com/kamikazejam/kamicommon/util/DiscordWebhook.java b/src/main/java/com/kamikazejam/kamicommon/util/DiscordWebhook.java index 252da1b4..4b9c405a 100644 --- a/src/main/java/com/kamikazejam/kamicommon/util/DiscordWebhook.java +++ b/src/main/java/com/kamikazejam/kamicommon/util/DiscordWebhook.java @@ -1,17 +1,20 @@ package com.kamikazejam.kamicommon.util; import lombok.Getter; +import lombok.Setter; +import org.json.JSONObject; import javax.net.ssl.HttpsURLConnection; import java.awt.Color; -import java.io.File; import java.io.IOException; import java.io.OutputStream; -import java.lang.reflect.Array; import java.net.URL; import java.text.DateFormat; import java.text.SimpleDateFormat; -import java.util.*; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; +import java.util.TimeZone; /** * A simple class for sending discord webhooks, supports basic embeds and such @@ -20,9 +23,15 @@ public class DiscordWebhook { private final String url; + + // Hopefully this will sanitize the content + @Setter private String content; + @Setter private String username; + @Setter private String avatarUrl; + @Setter private boolean tts; private final List embeds = new ArrayList<>(); @@ -36,22 +45,6 @@ public DiscordWebhook(String url) { this.url = url; } - public void setContent(String content) { - this.content = content.replaceAll("\n", "\\\\n"); - } - - public void setUsername(String username) { - this.username = username; - } - - public void setAvatarUrl(String avatarUrl) { - this.avatarUrl = avatarUrl; - } - - public void setTts(boolean tts) { - this.tts = tts; - } - public void addEmbed(EmbedObject embed) { this.embeds.add(embed); } @@ -330,92 +323,4 @@ private boolean isInline() { } } } - - private static class JSONObject { - - private final HashMap map = new HashMap<>(); - - void put(String key, Object value) { - if (value != null) { - map.put(key, value); - } - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - Set> entrySet = map.entrySet(); - builder.append("{"); - - int i = 0; - for (Map.Entry entry : entrySet) { - Object val = entry.getValue(); - builder.append(quote(entry.getKey())).append(":"); - - if (val instanceof String) { - builder.append(quote(String.valueOf(val))); - } else if (val instanceof Integer) { - builder.append(Integer.valueOf(String.valueOf(val))); - } else if (val instanceof Boolean) { - builder.append(val); - } else if (val instanceof JSONObject) { - builder.append(val); - } else if (val.getClass().isArray()) { - builder.append("["); - int len = Array.getLength(val); - for (int j = 0; j < len; j++) { - builder.append(Array.get(val, j).toString()).append(j != len - 1 ? "," : ""); - } - builder.append("]"); - } - - builder.append(++i == entrySet.size() ? "}" : ","); - } - - return builder.toString(); - } - - private String quote(String string) { - return "\"" + string + "\""; - } - } - - - - - - - public static void main(String[] args) throws IOException { - DateFormat df = new SimpleDateFormat("MMM dd, yyyy @ hh:mm aa 'PST'"); - df.setTimeZone(TimeZone.getTimeZone("PST")); - String nowAsISO = df.format(new Date()); - - File txtFile = new File("C:\\Users\\Jake\\url.txt"); - Scanner myReader = new Scanner(txtFile); - String data = myReader.nextLine(); - myReader.close(); - -// DiscordWebhook webhook = new DiscordWebhook(data); -// webhook.addEmbed( -// new DiscordWebhook.EmbedObject() -// .setThumbnail("https://i.imgur.com/kDhrprY.png") -// .setTitle("Dupe Detector | {player}") -// .addField("{player} tried to use a duped item!", -// " \\n" -// + "Item: {item}\\n" -// + "Worth: {amount}!\\n" -// + "Time: " + nowAsISO + "\\n" -// + "Result: Duped item removed.", true -// ) -// .setFooter("JunoMC | Dupe Detector", "https://i.imgur.com/kDhrprY.png") -// .setTimeStamp() -// ); -// webhook.execute(); - -// DiscordWebhook webhook = new DiscordWebhook(data); -// webhook.setContent("title\ndescription"); -// webhook.execute(); - - } - } \ No newline at end of file