Commit Graph

796 Commits

Author SHA1 Message Date
Filippo Valsorda 4d318be195 [update] fix (unexploitable) BB'06 vulnerability in rsa_verify
The rsa_verify code was vulnerable to a BB'06 attack, allowing to forge
signatures for arbitrary messages if and only if the public key exponent is
3.  Since the updates key is hardcoded to 65537, there is no risk for
youtube-dl, but I don't want vulnerable code in the wild.

The new function adopts a way safer approach of encoding-and-comparing to
replace the dangerous parsing code.
2016-01-21 20:12:17 +00:00
Jaime Marquínez Ferrándiz e37afbe0b8 [YoutubeDL] urlopen: disable the 'file:' protocol (#8227)
If someone is running youtube-dl on a server to deliver files, the user could input 'file:///some/important/file' and youtube-dl would save that file as a video giving access to sensitive information to the user.
'file:' urls can be filtered, but the user can use an URL to a crafted m3u8 manifest like:

    #EXTM3U
    #EXT-X-MEDIA-SEQUENCE:0
    #EXTINF:10.0
    file:///etc/passwd
    #EXT-X-ENDLIST

With this patch 'file:' URLs raise URLError like for unknown protocols.
2016-01-14 00:24:04 +01:00
Jakub Wilk dfb1b1468c Fix typos
Closes #8200.
2016-01-10 17:24:28 +01:00
remitamine f11d00fa41 [test_subtitles] remove BlipTV test 2015-12-21 16:52:47 +01:00
Sergey M․ 6b77d52b1f [test_utils] Add tests for encode_compat_str 2015-12-20 07:07:14 +06:00
Yen Chi Hsuan db2fe38b55 [utils] Support alternative timestamp format in TTML
Fixes #7608
2015-12-19 19:29:51 +08:00
Yen Chi Hsuan d631d5f9f2 [utils] Fix TTML conversion
Tolerate invalid timestamps (closes #7909)
2015-12-19 18:21:42 +08:00
Sergey M․ 31b2051e21 [utils] Add remove_quotes 2015-12-14 21:30:58 +06:00
Jaime Marquínez Ferrándiz 47f48f5d85 [test/test_all_urls] Update pbs extractor name
It's in lowercase now (since e15e2ef7a0).
2015-12-08 21:12:13 +01:00
Sergey M․ 9cb9a5df77 [utils] Check ext with trailing slash against the list of known extensions 2015-11-22 17:27:13 +06:00
Sergey M․ 5035536e3f [test_utils] Add tests for determine_ext 2015-11-22 06:33:52 +06:00
Sergey M․ 7aefc49c40 [utils] Skip invalid/non HTML entities (Closes #7518) 2015-11-16 20:20:16 +06:00
Yen Chi Hsuan ff29bf81f8 [jsinterp] Support alternative function definition form 2015-11-10 12:54:02 +08:00
Yen Chi Hsuan 66d041f250 [test/subtitles] Add test for DemocracynowIE 2015-11-04 00:53:30 +08:00
Jaime Marquínez Ferrándiz 6a75040278 [utils] unified_strdate: Return None if the date format can't be recognized (fixes #7340)
This issue was introduced with ae12bc3ebb, it returned 'None'.
2015-11-02 14:08:38 +01:00
Sergey M 30eecc6a04 Merge pull request #7296 from jaimeMF/xml_attrib_unicode
Use a wrapper around xml.etree.ElementTree.fromstring in python 2.x (…
2015-10-31 18:15:21 +00:00
Sergey M․ 578c074575 [utils] Support list of xpath in xpath_element 2015-10-31 22:39:44 +06:00
Sergey M․ 52c3a6e49d [utils] Improve parse_iso8601 2015-10-28 21:40:22 +06:00
Jaime Marquínez Ferrándiz f78546272c [compat] compat_etree_fromstring: also decode the text attribute
Deletes parse_xml from utils, because it also does it.
2015-10-26 16:41:24 +01:00
Jaime Marquínez Ferrándiz 387db16a78 [compat] compat_etree_fromstring: only decode bytes objects 2015-10-25 20:30:54 +01:00
Jaime Marquínez Ferrándiz 36e6f62cd0 Use a wrapper around xml.etree.ElementTree.fromstring in python 2.x (#7178)
Attributes aren't unicode objects, so they couldn't be directly used in info_dict fields (for example '--write-description' doesn't work with bytes).
2015-10-25 20:13:16 +01:00
Jaime Marquínez Ferrándiz 65d49afa48 [test/test_download] Use extract_flat = 'in_playlist' for playlist items
Some playlist extractors return a 'url' result, which wouldn't be resolved.
2015-10-23 14:12:46 +02:00
Sergey M․ d01949dc89 [utils:js_to_json] Fix bad escape in double quoted strings 2015-10-20 23:09:51 +06:00
Sergey M․ 448ef1f31c [extractor/common] Allow angle brackets in attributes in _og_regexes (#7215) 2015-10-18 09:11:02 +06:00
Sergey M․ 8e5b121948 [test_youtube_lists] Add test flat playlist entries' titles 2015-10-18 00:27:06 +06:00
Sergey M․ db0a8ad979 [test_InfoExtractor] Add test for unquoted attribute 2015-10-14 21:11:06 +06:00
Sergey M․ 1c29e81e62 [test_InfoExtractor] Add test for 7a6d76a64d 2015-10-14 20:58:52 +06:00
Jaime Marquínez Ferrándiz 7d0ada5ff9 [test/helper] Fix style
Use the correct indentation to please flake8
2015-10-02 13:42:11 +02:00
Sergey M․ f88f1b40ce [test/helper] Clarify field for list length mismatch 2015-09-30 20:33:59 +06:00
Sergey M․ 386a7b52d5 [test/helper] Spelling 2015-09-30 20:33:51 +06:00
Sergey M․ 2e885de796 [test/helper] Formatting 2015-09-30 20:33:45 +06:00
Qijiang Fan 687c04cbb8 [test] use descriptive variable name 2015-09-30 20:33:35 +06:00
Qijiang Fan 40c931de4b [test] split expect_dict to two functions 2015-09-30 20:33:30 +06:00
Qijiang Fan 93bc7ef165 [test] recursively check dict and list in expect_info_dict
This allows to use md5:, re:, etc within the str inside a list
or dict.
2015-09-30 20:33:20 +06:00
Sergey M․ c6aa838b51 [youtube:history] Enable exractor 2015-09-21 21:28:02 +06:00
Jaime Marquínez Ferrándiz f005f96ea5 [youtube:history] Explain why it has disabled and skip test 2015-09-20 12:23:13 +02:00
remitamine c67a055d16 [test/test_write_annotations] fix test filename
Closes #6781
2015-09-07 11:18:55 +02:00
Sergey M․ 3513d41436 [test_compat] Fix typo 2015-09-05 21:45:52 +06:00
Sergey M․ ee087c79ad [test_compat] Add test for compat_shlex_split 2015-09-05 21:41:34 +06:00
Sergey M․ f71264490c [test_utils] Add tests for cli option converters 2015-09-05 03:07:19 +06:00
Sergey M․ 87f70ab39d [test_utils] Add more tests for xpath 2015-09-05 00:36:16 +06:00
Yen Chi Hsuan f908b74fa3 [test/subtitles] Add test for ThePlatformFeedIE 2015-08-21 01:38:57 +08:00
Sergey M․ 8e2b1be127 [test/helper] Make age_limit checkable field 2015-08-08 21:42:50 +06:00
Sergey M. d5d7bdaeb5 Merge pull request #6428 from dstftw/improve-generic-smil-support
Improve generic SMIL support
2015-08-08 05:47:33 +06:00
Jaime Marquínez Ferrándiz 232541df44 [YoutubeDL] format spec: correctly handle dashes and other unused operators
'mp4-baseline-16x9' must be handled as a single string, but the '-' was treated as an operator.
2015-08-04 22:29:23 +02:00
Jaime Marquínez Ferrándiz d96d604e53 YoutubeDL: format spec: don't accept a bare '/' (#6124) 2015-08-03 23:04:11 +02:00
Jaime Marquínez Ferrándiz 03950c90f7 Merge remote-tracking branch 'jaimemf/format_spec_groups' (closes #6124) 2015-08-03 15:22:51 +02:00
Sergey M․ 645f814544 [test/helper] Allow dicts for mincount 2015-08-02 01:15:33 +06:00
Sergey M․ 308cfe0ab3 [test_downloader] Respect --force-generic-extractor 2015-08-02 01:14:41 +06:00
Sergey M․ ee114368ad [utils] Make value optional for find_xpath_attr
This allows selecting particular attributes by name but without specifying the value and similar to xpath syntax `[@attrib]`
2015-08-01 20:22:13 +06:00
Yen Chi Hsuan 9c29bc69f7 [utils] Improve parse_duration
Now dots are parsed. For example '87 Min.'
2015-07-22 23:15:22 +08:00
Sergey M․ 8954e48140 [test_compat] Add tests for compat_urllib_parse_unquote_plus 2015-07-17 23:31:23 +06:00
Sergey M․ d79febcd06 [test_compat] Remove redundant test 2015-07-17 23:09:56 +06:00
Sergey M․ 14309e1ddc [test_compat] Make tests more idiomatic 2015-07-17 22:58:39 +06:00
fnord 4a63291144 Add tests for compat_urllib_parse_unquote 2015-07-17 09:46:08 -05:00
Jaime Marquínez Ferrándiz 0a31a35098 [YoutubeDL] format spec: add additional checks for invalid syntax 2015-07-10 22:46:25 +02:00
Jaime Marquínez Ferrándiz bb8e553662 [YoutubeDL] format spec: Do not fail when a filter gives an empty result
For example with 'best[height<40]' we ended getting a 'IndexError: list index out of range'.
2015-07-04 21:41:09 +02:00
Jaime Marquínez Ferrándiz f5f4a27a96 [YoutubeDL] format spec: fix handling of '/' with ','
When using 'bestvideo/best,bestaudio', 'bestvideo/best' must be set as the current_selector (instead of appending it to the selectors), otherwise when it gets the ',' it would append 'None' to the selectors.
2015-07-04 21:30:26 +02:00
Jaime Marquínez Ferrándiz cf2ac6df68 [YoutubeDL] format spec: Fix handling of '+' with '/'
'bestvideo+bestaudio/best' was incorrectly interpreted as 'bestvideo+(bestaudio/best)', so it would fail if 'bestaudio' doesn't exist instead of falling back to 'best'.
2015-06-30 19:50:17 +02:00
Jaime Marquínez Ferrándiz 0130afb76e [YoutubeDL] format spec: allow grouping specifiers with parentheses 2015-06-29 12:46:02 +02:00
Jaime Marquínez Ferrándiz 5acfa126c8 [YoutubeDL] format spec: treat 'all' like a normal specifier
So you can use filters with it, for example 'all[width>=400][width<=600]'.
2015-06-28 22:48:02 +02:00
Jaime Marquínez Ferrándiz 67134eaba1 [YoutubeDL] rework how the format spec is processed
The spec string is processed using 'tokenize.tokenize' to split it in words and operators, the filters are still processed using regular expressions.
This should make easier to allow grouping operators with parens.
2015-06-28 22:31:35 +02:00
Jaime Marquínez Ferrándiz 4c8fea92f3 [test/aes] Fix on python 3.3 and higher
Since 878563c847 the aes functions only accepts the base64 data as a unicode string.
2015-06-03 23:50:38 +02:00
Yen Chi Hsuan f0bfaa2d7d [nrk] Update subtitles test
Subtitle conversion routine is removed, so the subtitles are TTML now. See
1c7e2e64f6
2015-05-27 15:23:34 +08:00
Yen Chi Hsuan 1b0427e6c4 [utils] Support TTML without default namespace
In a strict sense such TTML is invalid, but Yahoo uses it.
2015-05-19 00:45:01 +08:00
Jaime Marquínez Ferrándiz e9eaf3fbcf [test/YoutubeDL] Add tests for 'playliststart', 'playlistend' and 'playlist_items' 2015-05-15 14:08:26 +02:00
Yen Chi Hsuan 7dff03636a [utils] Support 'dur' field in TTML 2015-05-12 12:47:37 +08:00
Yen Chi Hsuan d39e0f05db [utils] Remove sanitize_url_path_consecutive_slashes()
This function is used only in SohuIE, which is updated to use a new
extraction logic.
2015-05-09 17:37:39 +08:00
Yen Chi Hsuan 0fe2ff78e6 [NBC] Enhance embedURL extraction (closes #2549) 2015-05-04 21:55:04 +08:00
Sergey M․ b3ed15b760 [utils] Add replace_extension 2015-05-02 23:23:06 +06:00
Sergey M․ a4bcaad773 [test_utils] Add tests for prepend_extension 2015-05-02 23:10:48 +06:00
Jaime Marquínez Ferrándiz 8dd5418803 Make 'best' format only match non-DASH formats (closes #5554)
Otherwise it's impossible to only download non-DASH formats, for example `best[height=?480]/best` would download a DASH video if it's the only one with height=480, instead for falling back to the second format specifier.
For audio only urls (soundcloud, bandcamp ...), the best audio will be downloaded as before.
2015-04-29 22:53:18 +02:00
Sergey M. 40b96352c9 Merge pull request #5523 from jaimeMF/remove-format-limit
Remove the --max-quality option
2015-04-27 16:44:58 +05:00
Yen Chi Hsuan bf6427d2fb [ffmpeg] Add dfxp (TTML) subtitles support (#3432, #5146) 2015-04-25 23:18:27 +08:00
Jaime Marquínez Ferrándiz 9f3fa89f7c Remove the --max-quality option
It doesn't work well with 'bestvideo' and 'bestaudio' because they are usually before the max quality.
Format filters should be used instead, they are more flexible and don't require the requested quality to exist for each video.
2015-04-25 11:59:54 +02:00
Sergey M․ 70947ea7b1 [parameters.json] Set default `format` parameter to `best` 2015-04-19 17:56:06 +02:00
Yen Chi Hsuan 880ee801cf [tests] Allow multi_video to be tested as playlists 2015-04-19 19:08:37 +08:00
Jaime Marquínez Ferrándiz 592e97e855 Postprocessors: use a list for the files that can be deleted
We could only know if we had to delete the original file, but this system allows to specify us more files (like subtitles).
2015-04-18 11:36:42 +02:00
Yen Chi Hsuan 0a1603634b [utils] Remove url_infer_protocol 2015-04-08 21:39:34 +08:00
Yen Chi Hsuan 418c5cc3fc [udn] Add new extractor 2015-04-08 17:26:51 +08:00
Sergey M․ ff02a228e3 [test_execution] Fix test under python 2 @ windows 2015-04-04 19:21:50 +06:00
Sergey M․ 8cf70de428 [test_utils] Add test for unified_strdate 2015-04-04 19:11:01 +06:00
Sergey M․ ba9e68f402 [utils] Drop trailing comma before closing brace 2015-04-04 17:48:55 +06:00
Jaime Marquínez Ferrándiz 157e9e5aa5 [youtube:watchlater] Remove unused properties and fix tests 2015-03-26 20:03:31 +01:00
Naglis Jonaitis 91757b0f37 [utils] Escape all HTML entities written in hexadecimal form 2015-03-26 17:15:27 +02:00
Philipp Hagemeister f5e2efbbf0 [options] Handle special characters in argv (Fixes #5157) 2015-03-24 16:39:46 +01:00
Jaime Marquínez Ferrándiz f9544f6e8f [test/aes] Test aes_decrypt_text with 256 bit 2015-03-22 12:09:58 +01:00
Jaime Marquínez Ferrándiz 5379a2d40d [test/utils] Test xpath_text 2015-03-21 14:12:43 +01:00
Jaime Marquínez Ferrándiz a7d9ded45d [test] Add tests for aes 2015-03-21 12:07:23 +01:00
Jaime Marquínez Ferrándiz 531980d89c [test/YoutubeDL] test match_filter 2015-03-20 17:05:28 +01:00
Jaime Marquínez Ferrándiz f20bf146e2 [test/YoutubeDL] split in two classes
The name was misleading
2015-03-20 15:14:25 +01:00
Jaime Marquínez Ferrándiz 01218f919b [test/http] Add test for proxy support 2015-03-20 14:59:38 +01:00
Sergey M․ 92a4793b3c [utils] Place sanitize url function near other sanitizing functions 2015-03-17 21:34:22 +06:00
Sergey M․ dc03a42537 Merge branch 'sohu_fix' of https://github.com/yan12125/youtube-dl into yan12125-sohu_fix 2015-03-17 21:18:36 +06:00
Jaime Marquínez Ferrándiz 8508557e77 [test/YoutubeDL] Use valid urls
It failed on python 3.4 when building the http_headers field
2015-03-14 20:51:42 +01:00
Jaime Marquínez Ferrándiz 4d1652484f [test/unicode_literals] Don't look into the .git and .tox directories
The .tox directory contains python code that we can't control
2015-03-14 20:25:37 +01:00
Jaime Marquínez Ferrándiz 88cf6fb368 [metadatafromtitle] Some improvements and cleanup
* Remove the 'songtitle' field, 'title' can be used instead.
* Remove newlines in the help text, for consistency with other options.
* Add 'from __future__ import unicode_literals'.
* Call '__init__' from the parent class.
* Add test for the format_to_regex method
2015-03-14 20:06:33 +01:00
Jaime Marquínez Ferrándiz 3946864c8a [vimeo] Use https for all vimeo.com urls
Unfortunately vimeopro.com doesn't support it yet.
2015-03-12 19:08:16 +01:00
Sergey M․ 7e195d0e92 [funnyordie] Add subtitles test 2015-03-11 22:00:37 +06:00
Sergey M․ 2ebfeacabc [utils] Keep dot and dotdot unmodified (Closes #5171) 2015-03-10 00:50:11 +06:00