From 7a3b7e6d623e81e4e77f855fd13540e813a91f63 Mon Sep 17 00:00:00 2001 From: Pedro Montes Alcalde Date: Wed, 6 Mar 2024 16:36:14 -0300 Subject: [PATCH 1/2] Make API key & RSS feed url only show when clicked (#205) --- .../templates/registration/edit.html.slime | 10 +++++++--- lib/philomena_web/templates/setting/edit.html.slime | 6 +++++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/philomena_web/templates/registration/edit.html.slime b/lib/philomena_web/templates/registration/edit.html.slime index d7ba2046d..88bfd1aae 100644 --- a/lib/philomena_web/templates/registration/edit.html.slime +++ b/lib/philomena_web/templates/registration/edit.html.slime @@ -20,9 +20,13 @@ p h3 API Key p ' Your API key is - code> - = @current_user.authentication_token - ' - you can use this to allow API consumers to access your account. + #api-key-button> + code> + = link("Click to show", to: "#", data: [click_show: "#api-key", click_hide: "#api-key-button"]) + #api-key.hidden> + code> + = @current_user.authentication_token + p You can use this to allow API consumers to access your account. p ' Avoid sharing this key with others, as it could be used to compromise ' your account. diff --git a/lib/philomena_web/templates/setting/edit.html.slime b/lib/philomena_web/templates/setting/edit.html.slime index 470645355..4f2124258 100644 --- a/lib/philomena_web/templates/setting/edit.html.slime +++ b/lib/philomena_web/templates/setting/edit.html.slime @@ -47,7 +47,11 @@ h1 Content Settings p ' RSS feed link (for Newsblur, RSSOwl, Thunderbird, etc.): br - = url_input f, :subscribe_url, value: Routes.api_rss_watched_url(@conn, :index, key: @conn.assigns.current_user.authentication_token), class: "input input--wide" + #rss-feed-button> + code> + = link("Click to show", to: "#", data: [click_show: "#rss-link", click_hide: "#rss-feed-button"]) + #rss-link.hidden + = url_input f, :subscribe_url, value: Routes.api_rss_watched_url(@conn, :index, key: @conn.assigns.current_user.authentication_token), class: "input input--wide" br ' Do not share this URL with anyone, it may allow an attacker to compromise your account. From 886539c514a308a129fc3c8c957a38c1a20041b8 Mon Sep 17 00:00:00 2001 From: Liam Date: Thu, 7 Mar 2024 09:09:50 -0500 Subject: [PATCH 2/2] Things have not improved since this scraper was written --- lib/philomena/scrapers/twitter.ex | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/lib/philomena/scrapers/twitter.ex b/lib/philomena/scrapers/twitter.ex index dc105537b..b75e45088 100644 --- a/lib/philomena/scrapers/twitter.ex +++ b/lib/philomena/scrapers/twitter.ex @@ -9,19 +9,27 @@ defmodule Philomena.Scrapers.Twitter do def scrape(_uri, url) do [user, status_id] = Regex.run(@url_regex, url, capture: :all_but_first) - image_url = "https://d.fxtwitter.com/#{user}/status/#{status_id}.jpg" + api_url = "https://api.fxtwitter.com/#{user}/status/#{status_id}" + {:ok, %Tesla.Env{status: 200, body: body}} = Philomena.Http.get(api_url) - {:ok, %Tesla.Env{status: 200}} = Philomena.Http.head(image_url) + json = Jason.decode!(body) + + images = + Enum.map(json["tweet"]["media"]["photos"], fn p -> + %{ + url: large_format(p["url"]), + camo_url: Camo.Image.image_url(p["url"]) + } + end) %{ source_url: "https://twitter.com/#{user}/status/#{status_id}", author_name: user, - images: [ - %{ - url: image_url, - camo_url: Camo.Image.image_url(image_url) - } - ] + images: images } end + + defp large_format(str) do + String.replace_suffix(str, ".jpg", "?format=jpg&name=large") + end end