diff --git a/lib/utils/reserved-users.js b/lib/utils/reserved-users.js
--- a/lib/utils/reserved-users.js
+++ b/lib/utils/reserved-users.js
@@ -1,7 +1,8 @@
// @flow
// All entries in this list must be lowercase and must also be included in
-// `services/identity/reserved_usernames.json`!!
+// `services/identity/reserved_usernames.json` and in
+// `services/blob/reserved_usernames.json`!!
const reservedUsernamesSet: $ReadOnlySet<string> = new Set([
// Additional Reserved Keywords
'comm',
diff --git a/services/blob/Cargo.lock b/services/blob/Cargo.lock
--- a/services/blob/Cargo.lock
+++ b/services/blob/Cargo.lock
@@ -291,9 +291,9 @@
[[package]]
name = "aho-corasick"
-version = "0.7.19"
+version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b4f55bd91a0978cbfd91c457a164bab8b4001c833b7f323132c0a4e1922dd44e"
+checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0"
dependencies = [
"memchr",
]
@@ -937,7 +937,9 @@
"http",
"once_cell",
"prost",
+ "regex",
"serde",
+ "serde_json",
"tokio",
"tokio-stream",
"tonic 0.8.2",
@@ -1867,7 +1869,7 @@
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558"
dependencies = [
- "regex-automata",
+ "regex-automata 0.1.10",
]
[[package]]
@@ -1893,9 +1895,9 @@
[[package]]
name = "memchr"
-version = "2.5.0"
+version = "2.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d"
+checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149"
[[package]]
name = "mime"
@@ -2268,13 +2270,14 @@
[[package]]
name = "regex"
-version = "1.7.0"
+version = "1.10.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a"
+checksum = "b62dbe01f0b06f9d8dc7d49e05a0785f153b00b2c227856282f671e0318c9b15"
dependencies = [
"aho-corasick",
"memchr",
- "regex-syntax",
+ "regex-automata 0.4.5",
+ "regex-syntax 0.8.2",
]
[[package]]
@@ -2283,7 +2286,18 @@
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132"
dependencies = [
- "regex-syntax",
+ "regex-syntax 0.6.28",
+]
+
+[[package]]
+name = "regex-automata"
+version = "0.4.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5bb987efffd3c6d0d8f5f89510bb458559eab11e4f869acb20bf845e016259cd"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-syntax 0.8.2",
]
[[package]]
@@ -2292,6 +2306,12 @@
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848"
+[[package]]
+name = "regex-syntax"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f"
+
[[package]]
name = "ring"
version = "0.16.20"
diff --git a/services/blob/Cargo.toml b/services/blob/Cargo.toml
--- a/services/blob/Cargo.toml
+++ b/services/blob/Cargo.toml
@@ -21,6 +21,7 @@
http = "0.2"
once_cell = "1.17"
prost = "0.11"
+regex = "1.10.3"
serde = { version = "1.0", features = ["derive"] }
tokio = { version = "1.24", features = ["rt-multi-thread"] }
tokio-stream = "0.1"
@@ -29,3 +30,4 @@
tracing-actix-web = "0.7.3"
tracing-futures = { version = "0.2", features = ["futures-03"] }
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
+serde_json = "1.0.95"
diff --git a/services/blob/reserved_usernames.json b/services/blob/reserved_usernames.json
new file mode 100644
--- /dev/null
+++ b/services/blob/reserved_usernames.json
@@ -0,0 +1,2223 @@
+[
+ "comm",
+ "dapp-tools",
+ "dapp_tools",
+ "ethers-js",
+ "ethers_js",
+ "ganache-cli",
+ "ganache_cli",
+ "hardhat",
+ "mod",
+ "moderator",
+ "solidity",
+ "truffle",
+ "web3",
+ "web3modal",
+ "0",
+ "12",
+ "49",
+ "478",
+ "1hive",
+ "aave",
+ "agoraspace",
+ "aladdindao",
+ "alchemistdao",
+ "allships",
+ "ampled",
+ "angeldao",
+ "aragon",
+ "badgerdao",
+ "bankless",
+ "bardao",
+ "bayc",
+ "beetsdao",
+ "braintrust",
+ "bright",
+ "brightid",
+ "brightmomentsgallery",
+ "brrdao",
+ "cabindao",
+ "canudao",
+ "cedge",
+ "clip",
+ "closerdao",
+ "coinvise",
+ "collab-land",
+ "collab_land",
+ "colony",
+ "comp",
+ "compound",
+ "coordinape",
+ "cre8club",
+ "crisisdao",
+ "cspdao",
+ "daohaus",
+ "daosquare",
+ "daostack",
+ "darkstardao",
+ "decred",
+ "developerdao",
+ "devs",
+ "dfdao",
+ "dinnerdao",
+ "dinogangz",
+ "discodao",
+ "distributed-town",
+ "distributed_town",
+ "divineroles",
+ "dopewarsdao",
+ "dorg",
+ "duckdao",
+ "dxdao",
+ "edendao",
+ "elektradao",
+ "ethernautdao",
+ "etherscan",
+ "evewealth",
+ "ff",
+ "fiatluxdao",
+ "fingerprints",
+ "fireeyes",
+ "flamingodao",
+ "forefront",
+ "freecompany",
+ "friendswithbenefits",
+ "fwb",
+ "gardens",
+ "gcr",
+ "genezisbiohacking",
+ "genre",
+ "geometrydao",
+ "gitcoin",
+ "gnosis",
+ "gnosissafe",
+ "gorn",
+ "gornhegemonydao",
+ "gremlins",
+ "guildhall",
+ "habitat",
+ "heatdao",
+ "herstorydao",
+ "honeydao",
+ "idlefinance",
+ "indexcoop",
+ "insuredao",
+ "jennydao",
+ "joystream",
+ "jumperdao",
+ "keeperdao",
+ "kleoverse",
+ "komorebicollective",
+ "krause",
+ "krausehouse",
+ "learndao",
+ "leavingrecords",
+ "lex",
+ "lexdao",
+ "llama",
+ "lovesocietydao",
+ "lurkerdao",
+ "magnetdao",
+ "makerdao",
+ "maodao",
+ "maskdao",
+ "meebitsdao",
+ "meritcircle",
+ "metacartel",
+ "metafam",
+ "metagammadelta",
+ "metamask",
+ "metaversedao",
+ "minty",
+ "mirror-xyz",
+ "mirror_xyz",
+ "mirrorclubdao",
+ "molochdao",
+ "moonshotcollective",
+ "moshdao",
+ "muse0",
+ "nebo",
+ "neptunedao",
+ "nfdao",
+ "nounsdao",
+ "olympusdao",
+ "opendao",
+ "opensea",
+ "opolis",
+ "orcaprotocol",
+ "pacdao",
+ "paperclip",
+ "parcel",
+ "party",
+ "partydao",
+ "peerion",
+ "phlotedao",
+ "physicalanddigitalartaficionados",
+ "pizzadao",
+ "pleasrdao",
+ "pokemontrainersclub",
+ "prints",
+ "proofofhumanity",
+ "prosperdao",
+ "proteindao",
+ "psydao",
+ "rabbithole",
+ "raidguild",
+ "rainbowwallet",
+ "raribledao",
+ "readyplayerdao",
+ "reddao",
+ "ref",
+ "retokendao",
+ "ribondao",
+ "rumblekong",
+ "sarcophagus",
+ "scribedao",
+ "seedclub",
+ "sharkdao",
+ "shinydao",
+ "snapshot",
+ "snx",
+ "sourcecred",
+ "spork",
+ "sporkdao",
+ "sputnik-fund",
+ "sputnik_fund",
+ "squaddao",
+ "squig",
+ "squiggle",
+ "stack",
+ "stackerventuresdao",
+ "syndicate",
+ "synthetix",
+ "tally",
+ "taodao",
+ "tarascadao",
+ "terrachess",
+ "thelao",
+ "thewipmeetup",
+ "thugdao",
+ "tinseldao",
+ "tokenwalkdao",
+ "tomomasterdao",
+ "triforcedao",
+ "trippy",
+ "trojandao",
+ "ultradao",
+ "universitydao",
+ "unlockdao",
+ "vectordao",
+ "viariodao",
+ "vita",
+ "vitadao",
+ "walletconnect",
+ "whalerdao",
+ "whiskeypioneers",
+ "yamdao",
+ "yearn",
+ "yfi",
+ "ygg",
+ "zouzoukwa",
+ "aaa",
+ "aarp",
+ "abarth",
+ "abb",
+ "abbott",
+ "abbvie",
+ "abc",
+ "able",
+ "abogado",
+ "abudhabi",
+ "ac",
+ "academy",
+ "accenture",
+ "accountant",
+ "accountants",
+ "aco",
+ "actor",
+ "ad",
+ "adac",
+ "ads",
+ "adult",
+ "ae",
+ "aeg",
+ "aero",
+ "aetna",
+ "af",
+ "afamilycompany",
+ "afl",
+ "africa",
+ "ag",
+ "agakhan",
+ "agency",
+ "ai",
+ "aig",
+ "airbus",
+ "airforce",
+ "airtel",
+ "akdn",
+ "al",
+ "alfaromeo",
+ "alibaba",
+ "alipay",
+ "allfinanz",
+ "allstate",
+ "ally",
+ "alsace",
+ "alstom",
+ "am",
+ "amazon",
+ "americanexpress",
+ "americanfamily",
+ "amex",
+ "amfam",
+ "amica",
+ "amsterdam",
+ "analytics",
+ "android",
+ "anquan",
+ "anz",
+ "ao",
+ "aol",
+ "apartments",
+ "app",
+ "apple",
+ "aq",
+ "aquarelle",
+ "ar",
+ "arab",
+ "aramco",
+ "archi",
+ "army",
+ "arpa",
+ "art",
+ "arte",
+ "as",
+ "asda",
+ "asia",
+ "associates",
+ "at",
+ "athleta",
+ "attorney",
+ "au",
+ "auction",
+ "audi",
+ "audible",
+ "audio",
+ "auspost",
+ "author",
+ "auto",
+ "autos",
+ "avianca",
+ "aw",
+ "aws",
+ "ax",
+ "axa",
+ "az",
+ "azure",
+ "ba",
+ "baby",
+ "baidu",
+ "banamex",
+ "bananarepublic",
+ "band",
+ "bank",
+ "bar",
+ "barcelona",
+ "barclaycard",
+ "barclays",
+ "barefoot",
+ "bargains",
+ "baseball",
+ "basketball",
+ "bauhaus",
+ "bayern",
+ "bb",
+ "bbc",
+ "bbt",
+ "bbva",
+ "bcg",
+ "bcn",
+ "bd",
+ "be",
+ "beats",
+ "beauty",
+ "beer",
+ "bentley",
+ "berlin",
+ "best",
+ "bestbuy",
+ "bet",
+ "bf",
+ "bg",
+ "bh",
+ "bharti",
+ "bi",
+ "bible",
+ "bid",
+ "bike",
+ "bing",
+ "bingo",
+ "bio",
+ "biz",
+ "bj",
+ "black",
+ "blackfriday",
+ "blockbuster",
+ "blog",
+ "bloomberg",
+ "blue",
+ "bm",
+ "bms",
+ "bmw",
+ "bn",
+ "bnpparibas",
+ "bo",
+ "boats",
+ "boehringer",
+ "bofa",
+ "bom",
+ "bond",
+ "boo",
+ "book",
+ "booking",
+ "bosch",
+ "bostik",
+ "boston",
+ "bot",
+ "boutique",
+ "box",
+ "br",
+ "bradesco",
+ "bridgestone",
+ "broadway",
+ "broker",
+ "brother",
+ "brussels",
+ "bs",
+ "bt",
+ "budapest",
+ "bugatti",
+ "build",
+ "builders",
+ "business",
+ "buy",
+ "buzz",
+ "bv",
+ "bw",
+ "by",
+ "bz",
+ "bzh",
+ "ca",
+ "cab",
+ "cafe",
+ "cal",
+ "call",
+ "calvinklein",
+ "cam",
+ "camera",
+ "camp",
+ "cancerresearch",
+ "canon",
+ "capetown",
+ "capital",
+ "capitalone",
+ "car",
+ "caravan",
+ "cards",
+ "care",
+ "career",
+ "careers",
+ "cars",
+ "casa",
+ "case",
+ "cash",
+ "casino",
+ "cat",
+ "catering",
+ "catholic",
+ "cba",
+ "cbn",
+ "cbre",
+ "cbs",
+ "cc",
+ "cd",
+ "center",
+ "ceo",
+ "cern",
+ "cf",
+ "cfa",
+ "cfd",
+ "cg",
+ "ch",
+ "chanel",
+ "channel",
+ "charity",
+ "chase",
+ "chat",
+ "cheap",
+ "chintai",
+ "christmas",
+ "chrome",
+ "church",
+ "ci",
+ "cipriani",
+ "circle",
+ "cisco",
+ "citadel",
+ "citi",
+ "citic",
+ "city",
+ "cityeats",
+ "ck",
+ "cl",
+ "claims",
+ "cleaning",
+ "click",
+ "clinic",
+ "clinique",
+ "clothing",
+ "cloud",
+ "club",
+ "clubmed",
+ "cm",
+ "cn",
+ "co",
+ "coach",
+ "codes",
+ "coffee",
+ "college",
+ "cologne",
+ "com",
+ "comcast",
+ "commbank",
+ "community",
+ "company",
+ "compare",
+ "computer",
+ "comsec",
+ "condos",
+ "construction",
+ "consulting",
+ "contact",
+ "contractors",
+ "cooking",
+ "cookingchannel",
+ "cool",
+ "coop",
+ "corsica",
+ "country",
+ "coupon",
+ "coupons",
+ "courses",
+ "cpa",
+ "cr",
+ "credit",
+ "creditcard",
+ "creditunion",
+ "cricket",
+ "crown",
+ "crs",
+ "cruise",
+ "cruises",
+ "csc",
+ "cu",
+ "cuisinella",
+ "cv",
+ "cw",
+ "cx",
+ "cy",
+ "cymru",
+ "cyou",
+ "cz",
+ "dabur",
+ "dad",
+ "dance",
+ "data",
+ "date",
+ "dating",
+ "datsun",
+ "day",
+ "dclk",
+ "dds",
+ "de",
+ "deal",
+ "dealer",
+ "deals",
+ "degree",
+ "delivery",
+ "dell",
+ "deloitte",
+ "delta",
+ "democrat",
+ "dental",
+ "dentist",
+ "desi",
+ "design",
+ "dev",
+ "dhl",
+ "diamonds",
+ "diet",
+ "digital",
+ "direct",
+ "directory",
+ "discount",
+ "discover",
+ "dish",
+ "diy",
+ "dj",
+ "dk",
+ "dm",
+ "dnp",
+ "do",
+ "docs",
+ "doctor",
+ "dog",
+ "domains",
+ "dot",
+ "download",
+ "drive",
+ "dtv",
+ "dubai",
+ "duck",
+ "dunlop",
+ "dupont",
+ "durban",
+ "dvag",
+ "dvr",
+ "dz",
+ "earth",
+ "eat",
+ "ec",
+ "eco",
+ "edeka",
+ "edu",
+ "education",
+ "ee",
+ "eg",
+ "email",
+ "emerck",
+ "energy",
+ "engineer",
+ "engineering",
+ "enterprises",
+ "epson",
+ "equipment",
+ "er",
+ "ericsson",
+ "erni",
+ "es",
+ "esq",
+ "estate",
+ "et",
+ "etisalat",
+ "eu",
+ "eurovision",
+ "eus",
+ "events",
+ "exchange",
+ "expert",
+ "exposed",
+ "express",
+ "extraspace",
+ "fage",
+ "fail",
+ "fairwinds",
+ "faith",
+ "family",
+ "fan",
+ "fans",
+ "farm",
+ "farmers",
+ "fashion",
+ "fast",
+ "fedex",
+ "feedback",
+ "ferrari",
+ "ferrero",
+ "fi",
+ "fiat",
+ "fidelity",
+ "fido",
+ "film",
+ "final",
+ "finance",
+ "financial",
+ "fire",
+ "firestone",
+ "firmdale",
+ "fish",
+ "fishing",
+ "fit",
+ "fitness",
+ "fj",
+ "fk",
+ "flickr",
+ "flights",
+ "flir",
+ "florist",
+ "flowers",
+ "fly",
+ "fm",
+ "fo",
+ "foo",
+ "food",
+ "foodnetwork",
+ "football",
+ "ford",
+ "forex",
+ "forsale",
+ "forum",
+ "foundation",
+ "fox",
+ "fr",
+ "free",
+ "fresenius",
+ "frl",
+ "frogans",
+ "frontdoor",
+ "frontier",
+ "ftr",
+ "fujitsu",
+ "fun",
+ "fund",
+ "furniture",
+ "futbol",
+ "fyi",
+ "ga",
+ "gal",
+ "gallery",
+ "gallo",
+ "gallup",
+ "game",
+ "games",
+ "gap",
+ "garden",
+ "gay",
+ "gb",
+ "gbiz",
+ "gd",
+ "gdn",
+ "ge",
+ "gea",
+ "gent",
+ "genting",
+ "george",
+ "gf",
+ "gg",
+ "ggee",
+ "gh",
+ "gi",
+ "gift",
+ "gifts",
+ "gives",
+ "giving",
+ "gl",
+ "glade",
+ "glass",
+ "gle",
+ "global",
+ "globo",
+ "gm",
+ "gmail",
+ "gmbh",
+ "gmo",
+ "gmx",
+ "gn",
+ "godaddy",
+ "gold",
+ "goldpoint",
+ "golf",
+ "goo",
+ "goodyear",
+ "goog",
+ "google",
+ "gop",
+ "got",
+ "gov",
+ "gp",
+ "gq",
+ "gr",
+ "grainger",
+ "graphics",
+ "gratis",
+ "green",
+ "gripe",
+ "grocery",
+ "group",
+ "gs",
+ "gt",
+ "gu",
+ "guardian",
+ "gucci",
+ "guge",
+ "guide",
+ "guitars",
+ "guru",
+ "gw",
+ "gy",
+ "hair",
+ "hamburg",
+ "hangout",
+ "haus",
+ "hbo",
+ "hdfc",
+ "hdfcbank",
+ "health",
+ "healthcare",
+ "help",
+ "helsinki",
+ "here",
+ "hermes",
+ "hgtv",
+ "hiphop",
+ "hisamitsu",
+ "hitachi",
+ "hiv",
+ "hk",
+ "hkt",
+ "hm",
+ "hn",
+ "hockey",
+ "holdings",
+ "holiday",
+ "homedepot",
+ "homegoods",
+ "homes",
+ "homesense",
+ "honda",
+ "horse",
+ "hospital",
+ "host",
+ "hosting",
+ "hot",
+ "hoteles",
+ "hotels",
+ "hotmail",
+ "house",
+ "how",
+ "hr",
+ "hsbc",
+ "ht",
+ "hu",
+ "hughes",
+ "hyatt",
+ "hyundai",
+ "ibm",
+ "icbc",
+ "ice",
+ "icu",
+ "id",
+ "ie",
+ "ieee",
+ "ifm",
+ "ikano",
+ "il",
+ "im",
+ "imamat",
+ "imdb",
+ "immo",
+ "immobilien",
+ "in",
+ "inc",
+ "industries",
+ "infiniti",
+ "info",
+ "ing",
+ "ink",
+ "institute",
+ "insurance",
+ "insure",
+ "int",
+ "international",
+ "intuit",
+ "investments",
+ "io",
+ "ipiranga",
+ "iq",
+ "ir",
+ "irish",
+ "is",
+ "ismaili",
+ "ist",
+ "istanbul",
+ "it",
+ "itau",
+ "itv",
+ "jaguar",
+ "java",
+ "jcb",
+ "je",
+ "jeep",
+ "jetzt",
+ "jewelry",
+ "jio",
+ "jll",
+ "jm",
+ "jmp",
+ "jnj",
+ "jo",
+ "jobs",
+ "joburg",
+ "jot",
+ "joy",
+ "jp",
+ "jpmorgan",
+ "jprs",
+ "juegos",
+ "juniper",
+ "kaufen",
+ "kddi",
+ "ke",
+ "kerryhotels",
+ "kerrylogistics",
+ "kerryproperties",
+ "kfh",
+ "kg",
+ "kh",
+ "ki",
+ "kia",
+ "kim",
+ "kinder",
+ "kindle",
+ "kitchen",
+ "kiwi",
+ "km",
+ "kn",
+ "koeln",
+ "komatsu",
+ "kosher",
+ "kp",
+ "kpmg",
+ "kpn",
+ "kr",
+ "krd",
+ "kred",
+ "kuokgroup",
+ "kw",
+ "ky",
+ "kyoto",
+ "kz",
+ "la",
+ "lacaixa",
+ "lamborghini",
+ "lamer",
+ "lancaster",
+ "lancia",
+ "land",
+ "landrover",
+ "lanxess",
+ "lasalle",
+ "lat",
+ "latino",
+ "latrobe",
+ "law",
+ "lawyer",
+ "lb",
+ "lc",
+ "lds",
+ "lease",
+ "leclerc",
+ "lefrak",
+ "legal",
+ "lego",
+ "lexus",
+ "lgbt",
+ "li",
+ "lidl",
+ "life",
+ "lifeinsurance",
+ "lifestyle",
+ "lighting",
+ "like",
+ "lilly",
+ "limited",
+ "limo",
+ "lincoln",
+ "linde",
+ "link",
+ "lipsy",
+ "live",
+ "living",
+ "lixil",
+ "lk",
+ "llc",
+ "llp",
+ "loan",
+ "loans",
+ "locker",
+ "locus",
+ "loft",
+ "lol",
+ "london",
+ "lotte",
+ "lotto",
+ "love",
+ "lpl",
+ "lplfinancial",
+ "lr",
+ "ls",
+ "lt",
+ "ltd",
+ "ltda",
+ "lu",
+ "lundbeck",
+ "luxe",
+ "luxury",
+ "lv",
+ "ly",
+ "ma",
+ "macys",
+ "madrid",
+ "maif",
+ "maison",
+ "makeup",
+ "man",
+ "management",
+ "mango",
+ "map",
+ "market",
+ "marketing",
+ "markets",
+ "marriott",
+ "marshalls",
+ "maserati",
+ "mattel",
+ "mba",
+ "mc",
+ "mckinsey",
+ "md",
+ "me",
+ "med",
+ "media",
+ "meet",
+ "melbourne",
+ "meme",
+ "memorial",
+ "men",
+ "menu",
+ "merckmsd",
+ "mg",
+ "mh",
+ "miami",
+ "microsoft",
+ "mil",
+ "mini",
+ "mint",
+ "mit",
+ "mitsubishi",
+ "mk",
+ "ml",
+ "mlb",
+ "mls",
+ "mm",
+ "mma",
+ "mn",
+ "mo",
+ "mobi",
+ "mobile",
+ "moda",
+ "moe",
+ "moi",
+ "mom",
+ "monash",
+ "money",
+ "monster",
+ "mormon",
+ "mortgage",
+ "moscow",
+ "moto",
+ "motorcycles",
+ "mov",
+ "movie",
+ "mp",
+ "mq",
+ "mr",
+ "ms",
+ "msd",
+ "mt",
+ "mtn",
+ "mtr",
+ "mu",
+ "museum",
+ "music",
+ "mutual",
+ "mv",
+ "mw",
+ "mx",
+ "my",
+ "mz",
+ "na",
+ "nab",
+ "nagoya",
+ "name",
+ "natura",
+ "navy",
+ "nba",
+ "nc",
+ "ne",
+ "nec",
+ "net",
+ "netbank",
+ "netflix",
+ "network",
+ "neustar",
+ "new",
+ "news",
+ "next",
+ "nextdirect",
+ "nexus",
+ "nf",
+ "nfl",
+ "ng",
+ "ngo",
+ "nhk",
+ "ni",
+ "nico",
+ "nike",
+ "nikon",
+ "ninja",
+ "nissan",
+ "nissay",
+ "nl",
+ "no",
+ "nokia",
+ "northwesternmutual",
+ "norton",
+ "now",
+ "nowruz",
+ "nowtv",
+ "np",
+ "nr",
+ "nra",
+ "nrw",
+ "ntt",
+ "nu",
+ "nyc",
+ "nz",
+ "obi",
+ "observer",
+ "off",
+ "office",
+ "okinawa",
+ "olayan",
+ "olayangroup",
+ "oldnavy",
+ "ollo",
+ "om",
+ "omega",
+ "one",
+ "ong",
+ "onl",
+ "online",
+ "ooo",
+ "open",
+ "oracle",
+ "orange",
+ "org",
+ "organic",
+ "origins",
+ "osaka",
+ "otsuka",
+ "ott",
+ "ovh",
+ "pa",
+ "page",
+ "panasonic",
+ "paris",
+ "pars",
+ "partners",
+ "parts",
+ "passagens",
+ "pay",
+ "pccw",
+ "pe",
+ "pet",
+ "pf",
+ "pfizer",
+ "pg",
+ "ph",
+ "pharmacy",
+ "phd",
+ "philips",
+ "phone",
+ "photo",
+ "photography",
+ "photos",
+ "physio",
+ "pics",
+ "pictet",
+ "pictures",
+ "pid",
+ "pin",
+ "ping",
+ "pink",
+ "pioneer",
+ "pizza",
+ "pk",
+ "pl",
+ "place",
+ "play",
+ "playstation",
+ "plumbing",
+ "plus",
+ "pm",
+ "pn",
+ "pnc",
+ "pohl",
+ "poker",
+ "politie",
+ "porn",
+ "post",
+ "pr",
+ "pramerica",
+ "praxi",
+ "press",
+ "prime",
+ "pro",
+ "prod",
+ "productions",
+ "prof",
+ "progressive",
+ "promo",
+ "properties",
+ "property",
+ "protection",
+ "pru",
+ "prudential",
+ "ps",
+ "pt",
+ "pub",
+ "pw",
+ "pwc",
+ "py",
+ "qa",
+ "qpon",
+ "quebec",
+ "quest",
+ "racing",
+ "radio",
+ "raid",
+ "re",
+ "read",
+ "realestate",
+ "realtor",
+ "realty",
+ "recipes",
+ "red",
+ "redstone",
+ "redumbrella",
+ "rehab",
+ "reise",
+ "reisen",
+ "reit",
+ "reliance",
+ "ren",
+ "rent",
+ "rentals",
+ "repair",
+ "report",
+ "republican",
+ "rest",
+ "restaurant",
+ "review",
+ "reviews",
+ "rexroth",
+ "rich",
+ "richardli",
+ "ricoh",
+ "ril",
+ "rio",
+ "rip",
+ "ro",
+ "rocher",
+ "rocks",
+ "rodeo",
+ "rogers",
+ "room",
+ "rs",
+ "rsvp",
+ "ru",
+ "rugby",
+ "ruhr",
+ "run",
+ "rw",
+ "rwe",
+ "ryukyu",
+ "sa",
+ "saarland",
+ "safe",
+ "safety",
+ "sakura",
+ "sale",
+ "salon",
+ "samsclub",
+ "samsung",
+ "sandvik",
+ "sandvikcoromant",
+ "sanofi",
+ "sap",
+ "sarl",
+ "sas",
+ "save",
+ "saxo",
+ "sb",
+ "sbi",
+ "sbs",
+ "sc",
+ "sca",
+ "scb",
+ "schaeffler",
+ "schmidt",
+ "scholarships",
+ "school",
+ "schule",
+ "schwarz",
+ "science",
+ "scjohnson",
+ "scot",
+ "sd",
+ "se",
+ "search",
+ "seat",
+ "secure",
+ "security",
+ "seek",
+ "select",
+ "sener",
+ "services",
+ "ses",
+ "seven",
+ "sew",
+ "sex",
+ "sexy",
+ "sfr",
+ "sg",
+ "sh",
+ "shangrila",
+ "sharp",
+ "shaw",
+ "shell",
+ "shia",
+ "shiksha",
+ "shoes",
+ "shop",
+ "shopping",
+ "shouji",
+ "show",
+ "showtime",
+ "si",
+ "silk",
+ "sina",
+ "singles",
+ "site",
+ "sj",
+ "sk",
+ "ski",
+ "skin",
+ "sky",
+ "skype",
+ "sl",
+ "sling",
+ "sm",
+ "smart",
+ "smile",
+ "sn",
+ "sncf",
+ "so",
+ "soccer",
+ "social",
+ "softbank",
+ "software",
+ "sohu",
+ "solar",
+ "solutions",
+ "song",
+ "sony",
+ "soy",
+ "spa",
+ "space",
+ "sport",
+ "spot",
+ "sr",
+ "srl",
+ "ss",
+ "st",
+ "stada",
+ "staples",
+ "star",
+ "statebank",
+ "statefarm",
+ "stc",
+ "stcgroup",
+ "stockholm",
+ "storage",
+ "store",
+ "stream",
+ "studio",
+ "study",
+ "style",
+ "su",
+ "sucks",
+ "supplies",
+ "supply",
+ "support",
+ "surf",
+ "surgery",
+ "suzuki",
+ "sv",
+ "swatch",
+ "swiss",
+ "sx",
+ "sy",
+ "sydney",
+ "systems",
+ "sz",
+ "tab",
+ "taipei",
+ "talk",
+ "taobao",
+ "target",
+ "tatamotors",
+ "tatar",
+ "tattoo",
+ "tax",
+ "taxi",
+ "tc",
+ "tci",
+ "td",
+ "tdk",
+ "team",
+ "tech",
+ "technology",
+ "tel",
+ "temasek",
+ "tennis",
+ "teva",
+ "tf",
+ "tg",
+ "th",
+ "thd",
+ "theater",
+ "theatre",
+ "tiaa",
+ "tickets",
+ "tienda",
+ "tiffany",
+ "tips",
+ "tires",
+ "tirol",
+ "tj",
+ "tjmaxx",
+ "tjx",
+ "tk",
+ "tkmaxx",
+ "tl",
+ "tm",
+ "tmall",
+ "tn",
+ "to",
+ "today",
+ "tokyo",
+ "tools",
+ "top",
+ "toray",
+ "toshiba",
+ "total",
+ "tours",
+ "town",
+ "toyota",
+ "toys",
+ "tr",
+ "trade",
+ "trading",
+ "training",
+ "travel",
+ "travelchannel",
+ "travelers",
+ "travelersinsurance",
+ "trust",
+ "trv",
+ "tt",
+ "tube",
+ "tui",
+ "tunes",
+ "tushu",
+ "tv",
+ "tvs",
+ "tw",
+ "tz",
+ "ua",
+ "ubank",
+ "ubs",
+ "ug",
+ "uk",
+ "unicom",
+ "university",
+ "uno",
+ "uol",
+ "ups",
+ "us",
+ "uy",
+ "uz",
+ "va",
+ "vacations",
+ "vana",
+ "vanguard",
+ "vc",
+ "ve",
+ "vegas",
+ "ventures",
+ "verisign",
+ "versicherung",
+ "vet",
+ "vg",
+ "vi",
+ "viajes",
+ "video",
+ "vig",
+ "viking",
+ "villas",
+ "vin",
+ "vip",
+ "virgin",
+ "visa",
+ "vision",
+ "viva",
+ "vivo",
+ "vlaanderen",
+ "vn",
+ "vodka",
+ "volkswagen",
+ "volvo",
+ "vote",
+ "voting",
+ "voto",
+ "voyage",
+ "vu",
+ "vuelos",
+ "wales",
+ "walmart",
+ "walter",
+ "wang",
+ "wanggou",
+ "watch",
+ "watches",
+ "weather",
+ "weatherchannel",
+ "webcam",
+ "weber",
+ "website",
+ "wed",
+ "wedding",
+ "weibo",
+ "weir",
+ "wf",
+ "whoswho",
+ "wien",
+ "wiki",
+ "williamhill",
+ "win",
+ "windows",
+ "wine",
+ "winners",
+ "wme",
+ "wolterskluwer",
+ "woodside",
+ "work",
+ "works",
+ "world",
+ "wow",
+ "ws",
+ "wtc",
+ "wtf",
+ "xbox",
+ "xerox",
+ "xfinity",
+ "xihuan",
+ "xin",
+ "xn--11b4c3d",
+ "xn--1ck2e1b",
+ "xn--1qqw23a",
+ "xn--2scrj9c",
+ "xn--30rr7y",
+ "xn--3bst00m",
+ "xn--3ds443g",
+ "xn--3e0b707e",
+ "xn--3hcrj9c",
+ "xn--3pxu8k",
+ "xn--42c2d9a",
+ "xn--45br5cyl",
+ "xn--45brj9c",
+ "xn--45q11c",
+ "xn--4dbrk0ce",
+ "xn--4gbrim",
+ "xn--54b7fta0cc",
+ "xn--55qw42g",
+ "xn--55qx5d",
+ "xn--5su34j936bgsg",
+ "xn--5tzm5g",
+ "xn--6frz82g",
+ "xn--6qq986b3xl",
+ "xn--80adxhks",
+ "xn--80ao21a",
+ "xn--80aqecdr1a",
+ "xn--80asehdb",
+ "xn--80aswg",
+ "xn--8y0a063a",
+ "xn--90a3ac",
+ "xn--90ae",
+ "xn--90ais",
+ "xn--9dbq2a",
+ "xn--9et52u",
+ "xn--9krt00a",
+ "xn--b4w605ferd",
+ "xn--bck1b9a5dre4c",
+ "xn--c1avg",
+ "xn--c2br7g",
+ "xn--cck2b3b",
+ "xn--cckwcxetd",
+ "xn--cg4bki",
+ "xn--clchc0ea0b2g2a9gcd",
+ "xn--czr694b",
+ "xn--czrs0t",
+ "xn--czru2d",
+ "xn--d1acj3b",
+ "xn--d1alf",
+ "xn--e1a4c",
+ "xn--eckvdtc9d",
+ "xn--efvy88h",
+ "xn--fct429k",
+ "xn--fhbei",
+ "xn--fiq228c5hs",
+ "xn--fiq64b",
+ "xn--fiqs8s",
+ "xn--fiqz9s",
+ "xn--fjq720a",
+ "xn--flw351e",
+ "xn--fpcrj9c3d",
+ "xn--fzc2c9e2c",
+ "xn--fzys8d69uvgm",
+ "xn--g2xx48c",
+ "xn--gckr3f0f",
+ "xn--gecrj9c",
+ "xn--gk3at1e",
+ "xn--h2breg3eve",
+ "xn--h2brj9c",
+ "xn--h2brj9c8c",
+ "xn--hxt814e",
+ "xn--i1b6b1a6a2e",
+ "xn--imr513n",
+ "xn--io0a7i",
+ "xn--j1aef",
+ "xn--j1amh",
+ "xn--j6w193g",
+ "xn--jlq480n2rg",
+ "xn--jlq61u9w7b",
+ "xn--jvr189m",
+ "xn--kcrx77d1x4a",
+ "xn--kprw13d",
+ "xn--kpry57d",
+ "xn--kput3i",
+ "xn--l1acc",
+ "xn--lgbbat1ad8j",
+ "xn--mgb9awbf",
+ "xn--mgba3a3ejt",
+ "xn--mgba3a4f16a",
+ "xn--mgba7c0bbn0a",
+ "xn--mgbaakc7dvf",
+ "xn--mgbaam7a8h",
+ "xn--mgbab2bd",
+ "xn--mgbah1a3hjkrd",
+ "xn--mgbai9azgqp6j",
+ "xn--mgbayh7gpa",
+ "xn--mgbbh1a",
+ "xn--mgbbh1a71e",
+ "xn--mgbc0a9azcg",
+ "xn--mgbca7dzdo",
+ "xn--mgbcpq6gpa1a",
+ "xn--mgberp4a5d4ar",
+ "xn--mgbgu82a",
+ "xn--mgbi4ecexp",
+ "xn--mgbpl2fh",
+ "xn--mgbt3dhd",
+ "xn--mgbtx2b",
+ "xn--mgbx4cd0ab",
+ "xn--mix891f",
+ "xn--mk1bu44c",
+ "xn--mxtq1m",
+ "xn--ngbc5azd",
+ "xn--ngbe9e0a",
+ "xn--ngbrx",
+ "xn--node",
+ "xn--nqv7f",
+ "xn--nqv7fs00ema",
+ "xn--nyqy26a",
+ "xn--o3cw4h",
+ "xn--ogbpf8fl",
+ "xn--otu796d",
+ "xn--p1acf",
+ "xn--p1ai",
+ "xn--pgbs0dh",
+ "xn--pssy2u",
+ "xn--q7ce6a",
+ "xn--q9jyb4c",
+ "xn--qcka1pmc",
+ "xn--qxa6a",
+ "xn--qxam",
+ "xn--rhqv96g",
+ "xn--rovu88b",
+ "xn--rvc1e0am3e",
+ "xn--s9brj9c",
+ "xn--ses554g",
+ "xn--t60b56a",
+ "xn--tckwe",
+ "xn--tiq49xqyj",
+ "xn--unup4y",
+ "xn--vermgensberater-ctb",
+ "xn--vermgensberatung-pwb",
+ "xn--vhquv",
+ "xn--vuq861b",
+ "xn--w4r85el8fhu5dnra",
+ "xn--w4rs40l",
+ "xn--wgbh1c",
+ "xn--wgbl6a",
+ "xn--xhq521b",
+ "xn--xkc2al3hye2a",
+ "xn--xkc2dl3a5ee0h",
+ "xn--y9a3aq",
+ "xn--yfro4i67o",
+ "xn--ygbi2ammx",
+ "xn--zfr164b",
+ "xxx",
+ "xyz",
+ "yachts",
+ "yahoo",
+ "yamaxun",
+ "yandex",
+ "ye",
+ "yodobashi",
+ "yoga",
+ "yokohama",
+ "you",
+ "youtube",
+ "yt",
+ "yun",
+ "za",
+ "zappos",
+ "zara",
+ "zero",
+ "zip",
+ "zm",
+ "zone",
+ "zuerich",
+ "zw",
+ "skiptocontent",
+ "pullrequests",
+ "issues",
+ "marketplace",
+ "explore",
+ "@andnasnd",
+ "shouldbee/",
+ "reserved-usernames",
+ "public",
+ "code",
+ "issues4",
+ "actions",
+ "projects",
+ "insights",
+ "about",
+ "access",
+ "account",
+ "accounts",
+ "activate",
+ "activities",
+ "activity",
+ "add",
+ "address",
+ "adm",
+ "admin",
+ "administration",
+ "administrator",
+ "advertising",
+ "affiliate",
+ "affiliates",
+ "ajax",
+ "all",
+ "alpha",
+ "analysis",
+ "anon",
+ "anonymous",
+ "api",
+ "apps",
+ "archive",
+ "archives",
+ "article",
+ "asct",
+ "asset",
+ "atom",
+ "auth",
+ "authentication",
+ "avatar",
+ "backup",
+ "balancer-manager",
+ "banner",
+ "banners",
+ "beta",
+ "billing",
+ "bin",
+ "blogs",
+ "board",
+ "bookmark",
+ "bots",
+ "bug",
+ "cache",
+ "cadastro",
+ "calendar",
+ "campaign",
+ "cancel",
+ "captcha",
+ "cart",
+ "categories",
+ "category",
+ "cgi",
+ "cgi-bin",
+ "changelog",
+ "check",
+ "checking",
+ "checkout",
+ "client",
+ "cliente",
+ "clients",
+ "codereview",
+ "comercial",
+ "comment",
+ "comments",
+ "communities",
+ "compras",
+ "config",
+ "configuration",
+ "connect",
+ "contact-us",
+ "contact_us",
+ "contactus",
+ "contest",
+ "contribute",
+ "corp",
+ "create",
+ "css",
+ "dashboard",
+ "db",
+ "default",
+ "delete",
+ "demo",
+ "designer",
+ "destroy",
+ "devel",
+ "developer",
+ "developers",
+ "diagram",
+ "diary",
+ "dict",
+ "dictionary",
+ "die",
+ "dir",
+ "direct_messages",
+ "dist",
+ "doc",
+ "documentation",
+ "domain",
+ "downloads",
+ "ecommerce",
+ "edit",
+ "editor",
+ "employment",
+ "empty",
+ "end",
+ "enterprise",
+ "entries",
+ "entry",
+ "error",
+ "errors",
+ "eval",
+ "event",
+ "everyone",
+ "exit",
+ "facebook",
+ "faq",
+ "favorite",
+ "favorites",
+ "feature",
+ "features",
+ "feed",
+ "feeds",
+ "file",
+ "files",
+ "first",
+ "flash",
+ "fleet",
+ "fleets",
+ "flog",
+ "follow",
+ "followers",
+ "following",
+ "forgot",
+ "form",
+ "forums",
+ "founder",
+ "friend",
+ "friends",
+ "ftp",
+ "gadget",
+ "gadgets",
+ "get",
+ "ghost",
+ "gist",
+ "github",
+ "graph",
+ "groups",
+ "guest",
+ "guests",
+ "home",
+ "homepage",
+ "hostmaster",
+ "hostname",
+ "howto",
+ "hpg",
+ "html",
+ "http",
+ "httpd",
+ "https",
+ "i",
+ "iamges",
+ "icon",
+ "icons",
+ "idea",
+ "ideas",
+ "image",
+ "images",
+ "imap",
+ "img",
+ "index",
+ "indice",
+ "information",
+ "inquiry",
+ "instagram",
+ "intranet",
+ "invitations",
+ "invite",
+ "ipad",
+ "iphone",
+ "irc",
+ "issue",
+ "item",
+ "items",
+ "javascript",
+ "job",
+ "join",
+ "js",
+ "json",
+ "jump",
+ "knowledgebase",
+ "language",
+ "languages",
+ "last",
+ "ldap-status",
+ "license",
+ "links",
+ "linux",
+ "list",
+ "lists",
+ "log",
+ "log-in",
+ "log-out",
+ "log_in",
+ "log_out",
+ "login",
+ "logout",
+ "logs",
+ "m",
+ "mac",
+ "mail",
+ "mail1",
+ "mail2",
+ "mail3",
+ "mail4",
+ "mail5",
+ "mailer",
+ "mailing",
+ "maintenance",
+ "manager",
+ "manual",
+ "maps",
+ "master",
+ "member",
+ "members",
+ "message",
+ "messages",
+ "messenger",
+ "microblog",
+ "microblogs",
+ "mine",
+ "mis",
+ "mob",
+ "movies",
+ "mp3",
+ "msg",
+ "msn",
+ "musicas",
+ "mysql",
+ "named",
+ "nan",
+ "navi",
+ "navigation",
+ "newsletter",
+ "nick",
+ "nickname",
+ "notes",
+ "noticias",
+ "notification",
+ "notifications",
+ "notify",
+ "ns",
+ "ns1",
+ "ns10",
+ "ns2",
+ "ns3",
+ "ns4",
+ "ns5",
+ "ns6",
+ "ns7",
+ "ns8",
+ "ns9",
+ "null",
+ "oauth",
+ "oauth_clients",
+ "offer",
+ "offers",
+ "official",
+ "old",
+ "openid",
+ "operator",
+ "order",
+ "orders",
+ "organization",
+ "organizations",
+ "overview",
+ "owner",
+ "owners",
+ "pager",
+ "pages",
+ "panel",
+ "password",
+ "payment",
+ "perl",
+ "photoalbum",
+ "php",
+ "phpmyadmin",
+ "phppgadmin",
+ "phpredisadmin",
+ "pic",
+ "plan",
+ "plans",
+ "plugin",
+ "plugins",
+ "policy",
+ "pop",
+ "pop3",
+ "popular",
+ "portal",
+ "postfix",
+ "postmaster",
+ "posts",
+ "premium",
+ "price",
+ "pricing",
+ "privacy",
+ "privacy-policy",
+ "privacy_policy",
+ "privacypolicy",
+ "private",
+ "product",
+ "products",
+ "profile",
+ "project",
+ "purpose",
+ "put",
+ "python",
+ "query",
+ "random",
+ "ranking",
+ "readme",
+ "recent",
+ "recruit",
+ "recruitment",
+ "register",
+ "registration",
+ "release",
+ "remove",
+ "replies",
+ "reports",
+ "repositories",
+ "repository",
+ "req",
+ "request",
+ "requests",
+ "reset",
+ "roc",
+ "root",
+ "rss",
+ "ruby",
+ "rule",
+ "sag",
+ "sales",
+ "sample",
+ "samples",
+ "script",
+ "scripts",
+ "self",
+ "send",
+ "server",
+ "server-info",
+ "server-status",
+ "service",
+ "session",
+ "sessions",
+ "setting",
+ "settings",
+ "setup",
+ "share",
+ "sign-in",
+ "sign-up",
+ "sign_in",
+ "sign_up",
+ "signin",
+ "signout",
+ "signup",
+ "sitemap",
+ "sites",
+ "smartphone",
+ "smtp",
+ "soporte",
+ "source",
+ "spec",
+ "special",
+ "sql",
+ "src",
+ "ssh",
+ "ssl",
+ "ssladmin",
+ "ssladministrator",
+ "sslwebmaster",
+ "staff",
+ "stage",
+ "staging",
+ "start",
+ "stat",
+ "state",
+ "static",
+ "stats",
+ "status",
+ "stores",
+ "stories",
+ "styleguide",
+ "stylesheet",
+ "stylesheets",
+ "subdomain",
+ "subscribe",
+ "subscriptions",
+ "suporte",
+ "svn",
+ "swf",
+ "sys",
+ "sysadmin",
+ "sysadministrator",
+ "system",
+ "tablet",
+ "tablets",
+ "tag",
+ "task",
+ "tasks",
+ "teams",
+ "telnet",
+ "term",
+ "terms",
+ "terms-of-service",
+ "terms_of_service",
+ "termsofservice",
+ "test",
+ "test1",
+ "test2",
+ "test3",
+ "teste",
+ "testing",
+ "tests",
+ "theme",
+ "themes",
+ "thread",
+ "threads",
+ "tmp",
+ "todo",
+ "tool",
+ "topic",
+ "topics",
+ "tos",
+ "tour",
+ "translations",
+ "trends",
+ "tutorial",
+ "tux",
+ "twitter",
+ "undef",
+ "unfollow",
+ "unsubscribe",
+ "update",
+ "upload",
+ "uploads",
+ "url",
+ "usage",
+ "user",
+ "username",
+ "users",
+ "usuario",
+ "vendas",
+ "ver",
+ "version",
+ "videos",
+ "visitor",
+ "web",
+ "webhook",
+ "webhooks",
+ "webmail",
+ "webmaster",
+ "websites",
+ "welcome",
+ "widget",
+ "widgets",
+ "word",
+ "workshop",
+ "ww",
+ "wws",
+ "www",
+ "www1",
+ "www2",
+ "www3",
+ "www4",
+ "www5",
+ "www6",
+ "www7",
+ "wwws",
+ "wwww",
+ "xfn",
+ "xml",
+ "xmpp",
+ "xpg",
+ "yaml",
+ "year",
+ "yml",
+ "yourdomain",
+ "yourname",
+ "yoursite",
+ "yourusername",
+ "genesis"
+]
diff --git a/services/blob/src/config.rs b/services/blob/src/config.rs
--- a/services/blob/src/config.rs
+++ b/services/blob/src/config.rs
@@ -1,6 +1,7 @@
use anyhow::Result;
use clap::{ArgAction, Parser};
use once_cell::sync::Lazy;
+use std::collections::HashSet;
use tracing::info;
use crate::constants::{
@@ -66,3 +67,23 @@
config_builder.load().await
}
+
+fn get_all_reserved_invite_links() -> HashSet<String> {
+ // All entries in `reserved_usernames.json` must be lowercase and must also be
+ // included in `lib/utils/reserved-users.js`!!
+ let contents = include_str!("../reserved_usernames.json");
+ let reserved_usernames: Vec<String> = serde_json::from_str(contents).unwrap();
+
+ reserved_usernames.into_iter().collect()
+}
+pub static RESERVED_INVITE_LINKS: Lazy<HashSet<String>> =
+ Lazy::new(get_all_reserved_invite_links);
+
+fn get_all_offensive_invite_links() -> HashSet<String> {
+ let contents = include_str!("../third-party/bad-words/words.json");
+ let reserved_usernames: Vec<String> = serde_json::from_str(contents).unwrap();
+
+ reserved_usernames.into_iter().collect()
+}
+pub static OFFENSIVE_INVITE_LINKS: Lazy<HashSet<String>> =
+ Lazy::new(get_all_offensive_invite_links);
diff --git a/services/blob/src/constants.rs b/services/blob/src/constants.rs
--- a/services/blob/src/constants.rs
+++ b/services/blob/src/constants.rs
@@ -39,3 +39,5 @@
pub const S3_BUCKET_ENV_VAR: &str = "BLOB_S3_BUCKET_NAME";
pub const DEFAULT_S3_BUCKET_NAME: &str = "commapp-blob";
pub const S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE: u64 = 5 * 1024 * 1024;
+
+pub const INVITE_LINK_BLOB_HASH_PREFIX: &str = "invite_";
diff --git a/services/blob/src/http/errors.rs b/services/blob/src/http/errors.rs
--- a/services/blob/src/http/errors.rs
+++ b/services/blob/src/http/errors.rs
@@ -52,6 +52,10 @@
debug!("Received request input error: {0:?} - {0}", err);
ErrorBadRequest("bad request")
}
+ BlobServiceError::InviteLinkError(invite_link_error) => {
+ debug!("Received invite link error: {0}", invite_link_error);
+ ErrorBadRequest("bad request")
+ }
err => {
error!("Received an unexpected error: {0:?} - {0}", err);
ErrorInternalServerError("server error")
diff --git a/services/blob/src/service.rs b/services/blob/src/service.rs
--- a/services/blob/src/service.rs
+++ b/services/blob/src/service.rs
@@ -1,4 +1,5 @@
#![allow(unused)]
+use regex::RegexSet;
use std::collections::{BTreeMap, HashSet};
use std::ops::{Bound, Range, RangeBounds, RangeInclusive};
use std::sync::Arc;
@@ -7,12 +8,15 @@
use chrono::Duration;
use comm_lib::http::ByteStream;
use comm_lib::tools::BoxedError;
+use once_cell::sync::Lazy;
use tokio_stream::StreamExt;
use tonic::codegen::futures_core::Stream;
use tracing::{debug, error, info, trace, warn};
-use crate::config::CONFIG;
-use crate::constants::S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE;
+use crate::config::{CONFIG, OFFENSIVE_INVITE_LINKS, RESERVED_INVITE_LINKS};
+use crate::constants::{
+ INVITE_LINK_BLOB_HASH_PREFIX, S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE,
+};
use crate::database::types::{
BlobItemInput, BlobItemRow, PrimaryKey, UncheckedKind,
};
@@ -21,6 +25,14 @@
use crate::tools::MemOps;
use crate::{constants::BLOB_DOWNLOAD_CHUNK_SIZE, database::DatabaseClient};
+#[derive(
+ Debug, derive_more::Display, derive_more::From, derive_more::Error,
+)]
+pub enum InviteLinkError {
+ Reserved,
+ Offensive,
+}
+
#[derive(
Debug, derive_more::Display, derive_more::From, derive_more::Error,
)]
@@ -31,6 +43,7 @@
DB(DBError),
S3(S3Error),
InputError(#[error(ignore)] BoxedError),
+ InviteLinkError(InviteLinkError),
}
type BlobServiceResult<T> = Result<T, BlobServiceError>;
@@ -49,6 +62,10 @@
pub orphan_protection_period: chrono::Duration,
}
+static OFFENSIVE_INVITE_LINKS_REGEX_SET: Lazy<RegexSet> = Lazy::new(|| {
+ RegexSet::new(OFFENSIVE_INVITE_LINKS.iter().collect::<Vec<_>>()).unwrap()
+});
+
impl Default for BlobServiceConfig {
fn default() -> Self {
BlobServiceConfig {
@@ -117,6 +134,23 @@
Ok(session)
}
+ fn validate_invite_link_blob_hash(
+ invite_secret: &str,
+ ) -> Result<(), BlobServiceError> {
+ let lowercase_secret = invite_secret.to_lowercase();
+ if (RESERVED_INVITE_LINKS.contains(&lowercase_secret)) {
+ debug!("Reserved invite link");
+ return Err(BlobServiceError::InviteLinkError(InviteLinkError::Reserved));
+ }
+ if (OFFENSIVE_INVITE_LINKS_REGEX_SET.is_match(&lowercase_secret)) {
+ debug!("Offensive invite link");
+ return Err(BlobServiceError::InviteLinkError(
+ InviteLinkError::Offensive,
+ ));
+ }
+ Ok(())
+ }
+
pub async fn put_blob(
&self,
blob_hash: impl Into<String>,
@@ -125,11 +159,17 @@
let blob_hash: String = blob_hash.into();
let blob_item = BlobItemInput::new(&blob_hash);
- if self.db.get_blob_item(blob_hash).await?.is_some() {
+ if self.db.get_blob_item(&blob_hash).await?.is_some() {
debug!("Blob already exists");
return Err(BlobServiceError::BlobAlreadyExists);
}
+ if let Some(invite_secret) =
+ blob_hash.strip_prefix(INVITE_LINK_BLOB_HASH_PREFIX)
+ {
+ Self::validate_invite_link_blob_hash(&invite_secret)?;
+ }
+
let mut upload_session =
self.s3.start_upload_session(&blob_item.s3_path).await?;
trace!(?blob_item, "Started S3 upload session");
diff --git a/services/blob/third-party/bad-words/LICENSE b/services/blob/third-party/bad-words/LICENSE
new file mode 100644
--- /dev/null
+++ b/services/blob/third-party/bad-words/LICENSE
@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Michael Price
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/services/blob/third-party/bad-words/words.json b/services/blob/third-party/bad-words/words.json
new file mode 100644
--- /dev/null
+++ b/services/blob/third-party/bad-words/words.json
@@ -0,0 +1,449 @@
+[
+ "ahole",
+ "anus",
+ "ash0le",
+ "ash0les",
+ "asholes",
+ "ass",
+ "Ass Monkey",
+ "Assface",
+ "assh0le",
+ "assh0lez",
+ "asshole",
+ "assholes",
+ "assholz",
+ "asswipe",
+ "azzhole",
+ "bassterds",
+ "bastard",
+ "bastards",
+ "bastardz",
+ "basterds",
+ "basterdz",
+ "Biatch",
+ "bitch",
+ "bitches",
+ "Blow Job",
+ "boffing",
+ "butthole",
+ "buttwipe",
+ "c0ck",
+ "c0cks",
+ "c0k",
+ "Carpet Muncher",
+ "cawk",
+ "cawks",
+ "Clit",
+ "cnts",
+ "cntz",
+ "cock",
+ "cockhead",
+ "cock-head",
+ "cocks",
+ "CockSucker",
+ "cock-sucker",
+ "crap",
+ "cum",
+ "cunt",
+ "cunts",
+ "cuntz",
+ "dick",
+ "dild0",
+ "dild0s",
+ "dildo",
+ "dildos",
+ "dilld0",
+ "dilld0s",
+ "dominatricks",
+ "dominatrics",
+ "dominatrix",
+ "dyke",
+ "enema",
+ "f u c k",
+ "f u c k e r",
+ "fag",
+ "fag1t",
+ "faget",
+ "fagg1t",
+ "faggit",
+ "faggot",
+ "fagg0t",
+ "fagit",
+ "fags",
+ "fagz",
+ "faig",
+ "faigs",
+ "fart",
+ "flipping the bird",
+ "fuck",
+ "fucker",
+ "fuckin",
+ "fucking",
+ "fucks",
+ "Fudge Packer",
+ "fuk",
+ "Fukah",
+ "Fuken",
+ "fuker",
+ "Fukin",
+ "Fukk",
+ "Fukkah",
+ "Fukken",
+ "Fukker",
+ "Fukkin",
+ "g00k",
+ "God-damned",
+ "h00r",
+ "h0ar",
+ "h0re",
+ "hells",
+ "hoar",
+ "hoor",
+ "hoore",
+ "jackoff",
+ "jap",
+ "japs",
+ "jerk-off",
+ "jisim",
+ "jiss",
+ "jizm",
+ "jizz",
+ "knob",
+ "knobs",
+ "knobz",
+ "kunt",
+ "kunts",
+ "kuntz",
+ "Lezzian",
+ "Lipshits",
+ "Lipshitz",
+ "masochist",
+ "masokist",
+ "massterbait",
+ "masstrbait",
+ "masstrbate",
+ "masterbaiter",
+ "masterbate",
+ "masterbates",
+ "Motha Fucker",
+ "Motha Fuker",
+ "Motha Fukkah",
+ "Motha Fukker",
+ "Mother Fucker",
+ "Mother Fukah",
+ "Mother Fuker",
+ "Mother Fukkah",
+ "Mother Fukker",
+ "mother-fucker",
+ "Mutha Fucker",
+ "Mutha Fukah",
+ "Mutha Fuker",
+ "Mutha Fukkah",
+ "Mutha Fukker",
+ "n1gr",
+ "nastt",
+ "nigger;",
+ "nigur;",
+ "niiger;",
+ "niigr;",
+ "orafis",
+ "orgasim;",
+ "orgasm",
+ "orgasum",
+ "oriface",
+ "orifice",
+ "orifiss",
+ "packi",
+ "packie",
+ "packy",
+ "paki",
+ "pakie",
+ "paky",
+ "pecker",
+ "peeenus",
+ "peeenusss",
+ "peenus",
+ "peinus",
+ "pen1s",
+ "penas",
+ "penis",
+ "penis-breath",
+ "penus",
+ "penuus",
+ "Phuc",
+ "Phuck",
+ "Phuk",
+ "Phuker",
+ "Phukker",
+ "polac",
+ "polack",
+ "polak",
+ "Poonani",
+ "pr1c",
+ "pr1ck",
+ "pr1k",
+ "pusse",
+ "pussee",
+ "pussy",
+ "puuke",
+ "puuker",
+ "qweir",
+ "recktum",
+ "rectum",
+ "retard",
+ "sadist",
+ "scank",
+ "schlong",
+ "screwing",
+ "semen",
+ "sex",
+ "sexy",
+ "Sh!t",
+ "sh1t",
+ "sh1ter",
+ "sh1ts",
+ "sh1tter",
+ "sh1tz",
+ "shit",
+ "shits",
+ "shitter",
+ "Shitty",
+ "Shity",
+ "shitz",
+ "Shyt",
+ "Shyte",
+ "Shytty",
+ "Shyty",
+ "skanck",
+ "skank",
+ "skankee",
+ "skankey",
+ "skanks",
+ "Skanky",
+ "slag",
+ "slut",
+ "sluts",
+ "Slutty",
+ "slutz",
+ "son-of-a-bitch",
+ "tit",
+ "turd",
+ "va1jina",
+ "vag1na",
+ "vagiina",
+ "vagina",
+ "vaj1na",
+ "vajina",
+ "vullva",
+ "vulva",
+ "w0p",
+ "wh00r",
+ "wh0re",
+ "whore",
+ "xrated",
+ "xxx",
+ "b!+ch",
+ "bitch",
+ "blowjob",
+ "clit",
+ "arschloch",
+ "fuck",
+ "shit",
+ "ass",
+ "asshole",
+ "b!tch",
+ "b17ch",
+ "b1tch",
+ "bastard",
+ "bi+ch",
+ "boiolas",
+ "buceta",
+ "c0ck",
+ "cawk",
+ "chink",
+ "cipa",
+ "clits",
+ "cock",
+ "cum",
+ "cunt",
+ "dildo",
+ "dirsa",
+ "ejakulate",
+ "fatass",
+ "fcuk",
+ "fuk",
+ "fux0r",
+ "hoer",
+ "hore",
+ "jism",
+ "kawk",
+ "l3itch",
+ "l3i+ch",
+ "masturbate",
+ "masterbat.*",
+ "masterbat3",
+ "motherfucker",
+ "s.o.b.",
+ "mofo",
+ "nazi",
+ "nigga",
+ "nigger",
+ "nutsack",
+ "phuck",
+ "pimpis",
+ "pusse",
+ "pussy",
+ "scrotum",
+ "sh!t",
+ "shemale",
+ "shi+",
+ "sh!+",
+ "slut",
+ "smut",
+ "teets",
+ "tits",
+ "boobs",
+ "b00bs",
+ "teez",
+ "testical",
+ "testicle",
+ "titt",
+ "w00se",
+ "jackoff",
+ "wank",
+ "whoar",
+ "whore",
+ ".*damn",
+ ".*dyke",
+ ".*fuck.*",
+ ".*shit.*",
+ "@$$",
+ "amcik",
+ "andskota",
+ "arse.*",
+ "assrammer",
+ "ayir",
+ "bi7ch",
+ "bitch.*",
+ "bollock.*",
+ "breasts",
+ "butt-pirate",
+ "cabron",
+ "cazzo",
+ "chraa",
+ "chuj",
+ "Cock.*",
+ "cunt.*",
+ "d4mn",
+ "daygo",
+ "dego",
+ "dick.*",
+ "dike.*",
+ "dupa",
+ "dziwka",
+ "ejackulate",
+ "Ekrem.*",
+ "Ekto",
+ "enculer",
+ "faen",
+ "fag.*",
+ "fanculo",
+ "fanny",
+ "feces",
+ "feg",
+ "Felcher",
+ "ficken",
+ "fitt.*",
+ "Flikker",
+ "foreskin",
+ "Fotze",
+ "Fu\\(.*",
+ "fuk.*",
+ "futkretzn",
+ "gook",
+ "guiena",
+ "h0r",
+ "h4x0r",
+ "hell",
+ "helvete",
+ "hoer.*",
+ "honkey",
+ "Huevon",
+ "hui",
+ "injun",
+ "jizz",
+ "kanker.*",
+ "kike",
+ "klootzak",
+ "kraut",
+ "knulle",
+ "kuk",
+ "kuksuger",
+ "Kurac",
+ "kurwa",
+ "kusi.*",
+ "kyrpa.*",
+ "lesbo",
+ "mamhoon",
+ "masturbat.*",
+ "merd.*",
+ "mibun",
+ "monkleigh",
+ "mouliewop",
+ "muie",
+ "mulkku",
+ "muschi",
+ "nazis",
+ "nepesaurio",
+ "nigger.*",
+ "orospu",
+ "paska.*",
+ "perse",
+ "picka",
+ "pierdol.*",
+ "pillu.*",
+ "pimmel",
+ "piss.*",
+ "pizda",
+ "poontsee",
+ "poop",
+ "porn",
+ "p0rn",
+ "pr0n",
+ "preteen",
+ "pula",
+ "pule",
+ "puta",
+ "puto",
+ "qahbeh",
+ "queef.*",
+ "rautenberg",
+ "schaffer",
+ "scheiss.*",
+ "schlampe",
+ "schmuck",
+ "screw",
+ "sh!t.*",
+ "sharmuta",
+ "sharmute",
+ "shipal",
+ "shiz",
+ "skribz",
+ "skurwysyn",
+ "sphencter",
+ "spic",
+ "spierdalaj",
+ "splooge",
+ "suka",
+ "b00b.*",
+ "testicle.*",
+ "titt.*",
+ "twat",
+ "vittu",
+ "wank.*",
+ "wetback.*",
+ "wichser",
+ "wop.*",
+ "yed",
+ "zabourah"
+]