From f01bc5ec5929941f67fbc6d409ace25a454b7a91 Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 16:05:08 -0500 Subject: [PATCH 1/9] Remove profanity fitter from activity search and activity location search --- backend/middleware/profanity.js | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index 28aecff..c407d8f 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -22,6 +22,17 @@ function scanValue(value) { } export function profanity(req, res, next) { + const skipProfanityPaths = [ + "/placesAPI/search", + "/placesAPI/cityAutocomplete", + ]; + + const cleanUrl = req.originalUrl.split("?")[0]; + + if (skipProfanityPaths.some((p) => cleanUrl.startsWith(p))) { + return next(); + } + if (req.method === "GET" || req.method === "HEAD") return next(); if (!req.body || typeof req.body !== "object") return next(); From 64c539b0ec6d5908aa3e08bee008e0b394b3d63c Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 20:29:36 -0500 Subject: [PATCH 2/9] Fix --- backend/middleware/profanity.js | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index c407d8f..f1f4f78 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -21,6 +21,21 @@ function scanValue(value) { return false; } +function removeKeys(obj, keys) { + if (!obj || typeof obj !== "object") return; + + if (Array.isArray(obj)) { + obj.forEach((v) => removeKeys(v, keys)); + return; + } + + keys.forEach((k) => { + delete obj[k]; + }); + + Object.values(obj).forEach((v) => removeKeys(v, keys)); +} + export function profanity(req, res, next) { const skipProfanityPaths = [ "/placesAPI/search", @@ -36,13 +51,19 @@ export function profanity(req, res, next) { if (req.method === "GET" || req.method === "HEAD") return next(); if (!req.body || typeof req.body !== "object") return next(); + const isActivityCreate = req.method === "POST" && cleanUrl === "/activities/create"; + + const bodyToScan = structuredClone(req.body); + const ignoredKeys = ["customPhoto", "photo", "pfp"]; + removeKeys(bodyToScan, ignoredKeys); + + if (isActivityCreate) { + removeKeys(bodyToScan, ["name", "notes"]); + } - const filtered = Object.fromEntries( - Object.entries(req.body).filter(([key]) => !ignoredKeys.includes(key)) - ); - if (scanValue(filtered)) { + if (scanValue(bodyToScan)) { return res.status(400).json({ error: "Profanity detected." }); } From b59f3b282b6ddc1ddd9e1a5b002b771783eb57a2 Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 20:45:54 -0500 Subject: [PATCH 3/9] Fix fix fixxity fix --- backend/middleware/profanity.js | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index f1f4f78..10e1526 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -52,6 +52,16 @@ export function profanity(req, res, next) { if (!req.body || typeof req.body !== "object") return next(); const isActivityCreate = req.method === "POST" && cleanUrl === "/activities/create"; + const isActivityDelete = req.method === "DELETE" && cleanUrl.startsWith("/activities/"); + const isActivityUpdate = req.method === "PUT" && cleanUrl.startsWith("/activities/"); + + if (isActivityDelete) { + return next(); + } + + if (isActivityUpdate) { + return next(); + } const bodyToScan = structuredClone(req.body); @@ -62,7 +72,6 @@ export function profanity(req, res, next) { removeKeys(bodyToScan, ["name", "notes"]); } - if (scanValue(bodyToScan)) { return res.status(400).json({ error: "Profanity detected." }); } From 9b7936499dd3a50f5244708b92da1837a711012e Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 20:48:39 -0500 Subject: [PATCH 4/9] . --- backend/middleware/profanity.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index 10e1526..b0a6b5a 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -69,7 +69,7 @@ export function profanity(req, res, next) { removeKeys(bodyToScan, ignoredKeys); if (isActivityCreate) { - removeKeys(bodyToScan, ["name", "notes"]); + removeKeys(bodyToScan, ["name"]); } if (scanValue(bodyToScan)) { From 530c62a87afe280bab155fa27cfa7f5bc11abc99 Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 20:51:36 -0500 Subject: [PATCH 5/9] . --- backend/middleware/profanity.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index b0a6b5a..10e1526 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -69,7 +69,7 @@ export function profanity(req, res, next) { removeKeys(bodyToScan, ignoredKeys); if (isActivityCreate) { - removeKeys(bodyToScan, ["name"]); + removeKeys(bodyToScan, ["name", "notes"]); } if (scanValue(bodyToScan)) { From d667ee1b0f9ebe1c5da474e1e121b80c4f3b6a4c Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 20:56:42 -0500 Subject: [PATCH 6/9] .. --- backend/middleware/profanity.js | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index 10e1526..0f6f3a1 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -59,17 +59,13 @@ export function profanity(req, res, next) { return next(); } - if (isActivityUpdate) { - return next(); - } - const bodyToScan = structuredClone(req.body); const ignoredKeys = ["customPhoto", "photo", "pfp"]; removeKeys(bodyToScan, ignoredKeys); - if (isActivityCreate) { - removeKeys(bodyToScan, ["name", "notes"]); + if (isActivityCreate || isActivityUpdate) { + removeKeys(bodyToScan, ["name"]); } if (scanValue(bodyToScan)) { From 0d194a0ab7c500f7bbd72c6bbed649be451c6788 Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 21:02:13 -0500 Subject: [PATCH 7/9] .. --- backend/middleware/profanity.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index 0f6f3a1..b8a7abd 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -65,7 +65,7 @@ export function profanity(req, res, next) { removeKeys(bodyToScan, ignoredKeys); if (isActivityCreate || isActivityUpdate) { - removeKeys(bodyToScan, ["name"]); + removeKeys(bodyToScan, ["name", "website"]); } if (scanValue(bodyToScan)) { From ef47481022af5d5cd146ed8572b891016e6dee0f Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 22:34:54 -0500 Subject: [PATCH 8/9] fix --- backend/middleware/profanity.js | 53 ++------------------------------- 1 file changed, 3 insertions(+), 50 deletions(-) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index b8a7abd..64bff98 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -1,45 +1,10 @@ -import { RegExpMatcher, englishDataset, englishRecommendedTransformers } from "obscenity"; - -const matcher = new RegExpMatcher({ - ...englishDataset.build(), - ...englishRecommendedTransformers, -}); - -function scanValue(value) { - if (typeof value === "string") { - return matcher.hasMatch(value); - } - - if (Array.isArray(value)) { - return value.some((v) => scanValue(v)); - } - - if (value && typeof value === "object") { - return Object.values(value).some((v) => scanValue(v)); - } - - return false; -} - -function removeKeys(obj, keys) { - if (!obj || typeof obj !== "object") return; - - if (Array.isArray(obj)) { - obj.forEach((v) => removeKeys(v, keys)); - return; - } - - keys.forEach((k) => { - delete obj[k]; - }); - - Object.values(obj).forEach((v) => removeKeys(v, keys)); -} - export function profanity(req, res, next) { const skipProfanityPaths = [ "/placesAPI/search", "/placesAPI/cityAutocomplete", + "/activities/create", + "/activities/delete", + "/activities/update", ]; const cleanUrl = req.originalUrl.split("?")[0]; @@ -51,23 +16,11 @@ export function profanity(req, res, next) { if (req.method === "GET" || req.method === "HEAD") return next(); if (!req.body || typeof req.body !== "object") return next(); - const isActivityCreate = req.method === "POST" && cleanUrl === "/activities/create"; - const isActivityDelete = req.method === "DELETE" && cleanUrl.startsWith("/activities/"); - const isActivityUpdate = req.method === "PUT" && cleanUrl.startsWith("/activities/"); - - if (isActivityDelete) { - return next(); - } - const bodyToScan = structuredClone(req.body); const ignoredKeys = ["customPhoto", "photo", "pfp"]; removeKeys(bodyToScan, ignoredKeys); - if (isActivityCreate || isActivityUpdate) { - removeKeys(bodyToScan, ["name", "website"]); - } - if (scanValue(bodyToScan)) { return res.status(400).json({ error: "Profanity detected." }); } From 578a2f293e74d5ae83fef00dd960e550abd39bb2 Mon Sep 17 00:00:00 2001 From: Cmliakos Date: Mon, 15 Dec 2025 22:46:43 -0500 Subject: [PATCH 9/9] fix again --- backend/middleware/profanity.js | 38 +++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/backend/middleware/profanity.js b/backend/middleware/profanity.js index 64bff98..eda62d9 100644 --- a/backend/middleware/profanity.js +++ b/backend/middleware/profanity.js @@ -1,3 +1,41 @@ +import { RegExpMatcher, englishDataset, englishRecommendedTransformers } from "obscenity"; + +const matcher = new RegExpMatcher({ + ...englishDataset.build(), + ...englishRecommendedTransformers, +}); + +function scanValue(value) { + if (typeof value === "string") { + return matcher.hasMatch(value); + } + + if (Array.isArray(value)) { + return value.some((v) => scanValue(v)); + } + + if (value && typeof value === "object") { + return Object.values(value).some((v) => scanValue(v)); + } + + return false; +} + +function removeKeys(obj, keys) { + if (!obj || typeof obj !== "object") return; + + if (Array.isArray(obj)) { + obj.forEach((v) => removeKeys(v, keys)); + return; + } + + keys.forEach((k) => { + delete obj[k]; + }); + + Object.values(obj).forEach((v) => removeKeys(v, keys)); +} + export function profanity(req, res, next) { const skipProfanityPaths = [ "/placesAPI/search",