wagtail-enap-designsystem 1.2.1.196__py3-none-any.whl → 1.2.1.197__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. enap_designsystem/blocks/security.py +7 -9
  2. {wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/METADATA +1 -1
  3. {wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/RECORD +6 -6
  4. {wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/WHEEL +0 -0
  5. {wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/licenses/LICENSE +0 -0
  6. {wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/top_level.txt +0 -0
enap_designsystem/blocks/security.py CHANGED
@@ -4,29 +4,27 @@ from django.utils.translation import gettext_lazy as _
4
4
 
5
5
  def validate_safe_characters(value):
6
6
  """
7
- Permite apenas letras, números, espaços e acentos
8
- Bloqueia caracteres especiais perigosos E comandos SQL
7
+ Permite uma ampla gama de caracteres seguros para formulários
8
+ Continua bloqueando caracteres potencialmente perigosos e comandos SQL
9
9
  """
10
10
  if not isinstance(value, str) or not value:
11
11
  return
12
12
 
13
- # 1. Verificar caracteres permitidos primeiro
14
- allowed_pattern = r'^[a-zA-Z0-9À-ÿ\s\.\-@]+$'
13
+ # 1. Verificar caracteres permitidos - versão expandida
14
+ allowed_pattern = r'^[a-zA-Z0-9À-ÿ\s\.\,\-@\(\)\"\'\:\/\;\$\£\€\+\*\=\&\#\%\_\!\?\[\]\{\}\°\ª\º]+$'
15
15
 
16
16
  if not re.match(allowed_pattern, value):
17
17
  raise ValidationError(
18
- _('Este campo aceita letras, números, espaços e acentos.'),
18
+ _('Este campo contém caracteres não permitidos. Por favor, use apenas caracteres comuns.'),
19
19
  code='invalid_characters'
20
20
  )
21
21
 
22
- # 2. Verificar comandos SQL proibidos
23
- sql_commands = ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE']
22
+ # 2. Verificar comandos SQL proibidos (manter esta verificação)
23
+ sql_commands = ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE', 'ALTER', 'TRUNCATE', 'EXEC', 'UNION']
24
24
 
25
- # Converter para maiúsculo para comparação
26
25
  value_upper = value.upper()
27
26
 
28
27
  for command in sql_commands:
29
- # Verificar se o comando aparece como palavra completa
30
28
  if re.search(r'\b' + command + r'\b', value_upper):
31
29
  raise ValidationError(
32
30
  _('Este campo contém comandos não permitidos.'),
{wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: wagtail-enap-designsystem
3
- Version: 1.2.1.196
3
+ Version: 1.2.1.197
4
4
  Summary: Módulo de componentes utilizado nos portais ENAP, desenvolvido com Wagtail + CodeRedCMS
5
5
  Author: Renan Campos
6
6
  Author-email: renan.oliveira@enap.gov.br
{wagtail_enap_designsystem-1.2.1.196.dist-info → wagtail_enap_designsystem-1.2.1.197.dist-info}/RECORD RENAMED
@@ -14,7 +14,7 @@ enap_designsystem/blocks/content_blocks.py,sha256=X8Ldf6eMRhjhIYxC2rLssb151r2iFF
14
14
  enap_designsystem/blocks/form.py,sha256=rQ_KfMgafbA7NSBGneUsregEhphKCxfNh4rG8s6FEWI,90007
15
15
  enap_designsystem/blocks/html_blocks.py,sha256=YE8xNA8HQ5iavP_UIlJrhwIUpgtfVMQTP3XVk2dg4J0,281986
16
16
  enap_designsystem/blocks/layout_blocks.py,sha256=qND7aUna3VL3PK7sAKE7PiPfSvahMwHK_lZoKUkudeo,23461
17
- enap_designsystem/blocks/security.py,sha256=QA7lmQ_eQ6iopunatl_DrHkEegAwMZJGwXunRulbCjk,2099
17
+ enap_designsystem/blocks/security.py,sha256=cOdLix8cOkjV-Ef-NMjrVid0e3u5uxGNPZk8S7J-rr0,2178
18
18
  enap_designsystem/blocks/semana_blocks.py,sha256=AfaxJQmStvFkw6yrPeKyZurC6jzCxWxyzmdny_pret0,70929
19
19
  enap_designsystem/blocks/semana_inovacao.py,sha256=iPwsYG4oIZIIGR9zyu7bCTuVGn-E8-28KjPnI-SNIAs,47038
20
20
  enap_designsystem/middleware/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -934,8 +934,8 @@ enap_designsystem/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG
934
934
  enap_designsystem/utils/decorators.py,sha256=aq6SbLn0LcH2rfE3ZFit8jkD7pSx9fLVBUUwVB747hg,335
935
935
  enap_designsystem/utils/services.py,sha256=6dG5jLSbwH49jpZV9ZNpWlaZqI49gTlwlr1vaerxdiU,5824
936
936
  enap_designsystem/utils/sso.py,sha256=vjAuoYgoLeQAa_dkkyQ6-LmHvKMaVCxizNFpe5y3iUA,1145
937
- wagtail_enap_designsystem-1.2.1.196.dist-info/licenses/LICENSE,sha256=Btzdu2kIoMbdSp6OyCLupB1aRgpTCJ_szMimgEnpkkE,1056
938
- wagtail_enap_designsystem-1.2.1.196.dist-info/METADATA,sha256=Qd_mzE5YjJ5qBZjg23cPheMlCtDXuaeUTxIvSqwrgUQ,3651
939
- wagtail_enap_designsystem-1.2.1.196.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
940
- wagtail_enap_designsystem-1.2.1.196.dist-info/top_level.txt,sha256=RSFgMASxoA-hVftm5i4Qd0rArlX4Dq08lLv5G4sYD-g,18
941
- wagtail_enap_designsystem-1.2.1.196.dist-info/RECORD,,
937
+ wagtail_enap_designsystem-1.2.1.197.dist-info/licenses/LICENSE,sha256=Btzdu2kIoMbdSp6OyCLupB1aRgpTCJ_szMimgEnpkkE,1056
938
+ wagtail_enap_designsystem-1.2.1.197.dist-info/METADATA,sha256=jG3qmGYb67pVJdRwrgZUddsSL01qshapx5nXSdoaQJ8,3651
939
+ wagtail_enap_designsystem-1.2.1.197.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
940
+ wagtail_enap_designsystem-1.2.1.197.dist-info/top_level.txt,sha256=RSFgMASxoA-hVftm5i4Qd0rArlX4Dq08lLv5G4sYD-g,18
941
+ wagtail_enap_designsystem-1.2.1.197.dist-info/RECORD,,