logo

youtube-dl

[mirror] Download/Watch videos from video hostersgit clone https://hacktivis.me/git/mirror/youtube-dl.git
commit: 37cea84f775129ad715b9bcd617251c831fcc980
parent 46521096433aceaa41b4caa845bed22ca6f377ce
Author: dirkf <fieldhouse@gmx.net>
Date:   Tue,  2 Jul 2024 14:54:25 +0100

[core,utils] Support unpublicised `--no-check-extensions`

Diffstat:

Myoutube_dl/__init__.py4++++
Myoutube_dl/options.py4++++
Myoutube_dl/utils.py6++++--
3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/youtube_dl/__init__.py b/youtube_dl/__init__.py @@ -21,6 +21,7 @@ from .compat import ( workaround_optparse_bug9161, ) from .utils import ( + _UnsafeExtensionError, DateRange, decodeOption, DEFAULT_OUTTMPL, @@ -173,6 +174,9 @@ def _real_main(argv=None): if opts.ap_mso and opts.ap_mso not in MSO_INFO: parser.error('Unsupported TV Provider, use --ap-list-mso to get a list of supported TV Providers') + if opts.no_check_extensions: + _UnsafeExtensionError.lenient = True + def parse_retries(retries): if retries in ('inf', 'infinite'): parsed_retries = float('inf') diff --git a/youtube_dl/options.py b/youtube_dl/options.py @@ -534,6 +534,10 @@ def parseOpts(overrideArguments=None): action='store_true', dest='no_check_certificate', default=False, help='Suppress HTTPS certificate validation') workarounds.add_option( + '--no-check-extensions', + action='store_true', dest='no_check_extensions', default=False, + help='Suppress file extension validation') + workarounds.add_option( '--prefer-insecure', '--prefer-unsecure', action='store_true', dest='prefer_insecure', help='Use an unencrypted connection to retrieve information about the video. (Currently supported only for YouTube)') diff --git a/youtube_dl/utils.py b/youtube_dl/utils.py @@ -6587,7 +6587,6 @@ KNOWN_EXTENSIONS = ( class _UnsafeExtensionError(Exception): """ Mitigation exception for unwanted file overwrite/path traversal - This should be caught in YoutubeDL.py with a warning Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j """ @@ -6666,6 +6665,9 @@ class _UnsafeExtensionError(Exception): super(_UnsafeExtensionError, self).__init__('unsafe file extension: {0!r}'.format(extension)) self.extension = extension + # support --no-check-extensions + lenient = False + @classmethod def sanitize_extension(cls, extension, **kwargs): # ... /, *, prepend=False @@ -6678,7 +6680,7 @@ class _UnsafeExtensionError(Exception): last = extension.rpartition('.')[-1] if last == 'bin': extension = last = 'unknown_video' - if last.lower() not in cls._ALLOWED_EXTENSIONS: + if not (cls.lenient or last.lower() in cls._ALLOWED_EXTENSIONS): raise cls(extension) return extension