diff --git a/lib/utils/reserved-users.js b/lib/utils/reserved-users.js --- a/lib/utils/reserved-users.js +++ b/lib/utils/reserved-users.js @@ -1,7 +1,8 @@ // @flow // All entries in this list must be lowercase and must also be included in -// `services/identity/reserved_usernames.json`!! +// `services/identity/reserved_usernames.json` and in +// `services/blob/reserved_usernames.json`!! const reservedUsernamesSet: $ReadOnlySet = new Set([ // Additional Reserved Keywords 'comm', diff --git a/services/blob/Cargo.lock b/services/blob/Cargo.lock --- a/services/blob/Cargo.lock +++ b/services/blob/Cargo.lock @@ -291,9 +291,9 @@ [[package]] name = "aho-corasick" -version = "0.7.19" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4f55bd91a0978cbfd91c457a164bab8b4001c833b7f323132c0a4e1922dd44e" +checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0" dependencies = [ "memchr", ] @@ -937,7 +937,9 @@ "http", "once_cell", "prost", + "regex", "serde", + "serde_json", "tokio", "tokio-stream", "tonic 0.8.2", @@ -1867,7 +1869,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" dependencies = [ - "regex-automata", + "regex-automata 0.1.10", ] [[package]] @@ -1893,9 +1895,9 @@ [[package]] name = "memchr" -version = "2.5.0" +version = "2.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" +checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" [[package]] name = "mime" @@ -2268,13 +2270,14 @@ [[package]] name = "regex" -version = "1.7.0" +version = "1.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" +checksum = "b62dbe01f0b06f9d8dc7d49e05a0785f153b00b2c227856282f671e0318c9b15" dependencies = [ "aho-corasick", "memchr", - "regex-syntax", + "regex-automata 0.4.5", + "regex-syntax 0.8.2", ] [[package]] @@ -2283,7 +2286,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" dependencies = [ - "regex-syntax", + "regex-syntax 0.6.28", +] + +[[package]] +name = "regex-automata" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5bb987efffd3c6d0d8f5f89510bb458559eab11e4f869acb20bf845e016259cd" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax 0.8.2", ] [[package]] @@ -2292,6 +2306,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" +[[package]] +name = "regex-syntax" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" + [[package]] name = "ring" version = "0.16.20" diff --git a/services/blob/Cargo.toml b/services/blob/Cargo.toml --- a/services/blob/Cargo.toml +++ b/services/blob/Cargo.toml @@ -21,6 +21,7 @@ http = "0.2" once_cell = "1.17" prost = "0.11" +regex = "1.10.3" serde = { version = "1.0", features = ["derive"] } tokio = { version = "1.24", features = ["rt-multi-thread"] } tokio-stream = "0.1" @@ -29,3 +30,4 @@ tracing-actix-web = "0.7.3" tracing-futures = { version = "0.2", features = ["futures-03"] } tracing-subscriber = { version = "0.3", features = ["env-filter"] } +serde_json = "1.0.95" diff --git a/services/blob/reserved_usernames.json b/services/blob/reserved_usernames.json new file mode 100644 --- /dev/null +++ b/services/blob/reserved_usernames.json @@ -0,0 +1,2223 @@ +[ + "comm", + "dapp-tools", + "dapp_tools", + "ethers-js", + "ethers_js", + "ganache-cli", + "ganache_cli", + "hardhat", + "mod", + "moderator", + "solidity", + "truffle", + "web3", + "web3modal", + "0", + "12", + "49", + "478", + "1hive", + "aave", + "agoraspace", + "aladdindao", + "alchemistdao", + "allships", + "ampled", + "angeldao", + "aragon", + "badgerdao", + "bankless", + "bardao", + "bayc", + "beetsdao", + "braintrust", + "bright", + "brightid", + "brightmomentsgallery", + "brrdao", + "cabindao", + "canudao", + "cedge", + "clip", + "closerdao", + "coinvise", + "collab-land", + "collab_land", + "colony", + "comp", + "compound", + "coordinape", + "cre8club", + "crisisdao", + "cspdao", + "daohaus", + "daosquare", + "daostack", + "darkstardao", + "decred", + "developerdao", + "devs", + "dfdao", + "dinnerdao", + "dinogangz", + "discodao", + "distributed-town", + "distributed_town", + "divineroles", + "dopewarsdao", + "dorg", + "duckdao", + "dxdao", + "edendao", + "elektradao", + "ethernautdao", + "etherscan", + "evewealth", + "ff", + "fiatluxdao", + "fingerprints", + "fireeyes", + "flamingodao", + "forefront", + "freecompany", + "friendswithbenefits", + "fwb", + "gardens", + "gcr", + "genezisbiohacking", + "genre", + "geometrydao", + "gitcoin", + "gnosis", + "gnosissafe", + "gorn", + "gornhegemonydao", + "gremlins", + "guildhall", + "habitat", + "heatdao", + "herstorydao", + "honeydao", + "idlefinance", + "indexcoop", + "insuredao", + "jennydao", + "joystream", + "jumperdao", + "keeperdao", + "kleoverse", + "komorebicollective", + "krause", + "krausehouse", + "learndao", + "leavingrecords", + "lex", + "lexdao", + "llama", + "lovesocietydao", + "lurkerdao", + "magnetdao", + "makerdao", + "maodao", + "maskdao", + "meebitsdao", + "meritcircle", + "metacartel", + "metafam", + "metagammadelta", + "metamask", + "metaversedao", + "minty", + "mirror-xyz", + "mirror_xyz", + "mirrorclubdao", + "molochdao", + "moonshotcollective", + "moshdao", + "muse0", + "nebo", + "neptunedao", + "nfdao", + "nounsdao", + "olympusdao", + "opendao", + "opensea", + "opolis", + "orcaprotocol", + "pacdao", + "paperclip", + "parcel", + "party", + "partydao", + "peerion", + "phlotedao", + "physicalanddigitalartaficionados", + "pizzadao", + "pleasrdao", + "pokemontrainersclub", + "prints", + "proofofhumanity", + "prosperdao", + "proteindao", + "psydao", + "rabbithole", + "raidguild", + "rainbowwallet", + "raribledao", + "readyplayerdao", + "reddao", + "ref", + "retokendao", + "ribondao", + "rumblekong", + "sarcophagus", + "scribedao", + "seedclub", + "sharkdao", + "shinydao", + "snapshot", + "snx", + "sourcecred", + "spork", + "sporkdao", + "sputnik-fund", + "sputnik_fund", + "squaddao", + "squig", + "squiggle", + "stack", + "stackerventuresdao", + "syndicate", + "synthetix", + "tally", + "taodao", + "tarascadao", + "terrachess", + "thelao", + "thewipmeetup", + "thugdao", + "tinseldao", + "tokenwalkdao", + "tomomasterdao", + "triforcedao", + "trippy", + "trojandao", + "ultradao", + "universitydao", + "unlockdao", + "vectordao", + "viariodao", + "vita", + "vitadao", + "walletconnect", + "whalerdao", + "whiskeypioneers", + "yamdao", + "yearn", + "yfi", + "ygg", + "zouzoukwa", + "aaa", + "aarp", + "abarth", + "abb", + "abbott", + "abbvie", + "abc", + "able", + "abogado", + "abudhabi", + "ac", + "academy", + "accenture", + "accountant", + "accountants", + "aco", + "actor", + "ad", + "adac", + "ads", + "adult", + "ae", + "aeg", + "aero", + "aetna", + "af", + "afamilycompany", + "afl", + "africa", + "ag", + "agakhan", + "agency", + "ai", + "aig", + "airbus", + "airforce", + "airtel", + "akdn", + "al", + "alfaromeo", + "alibaba", + "alipay", + "allfinanz", + "allstate", + "ally", + "alsace", + "alstom", + "am", + "amazon", + "americanexpress", + "americanfamily", + "amex", + "amfam", + "amica", + "amsterdam", + "analytics", + "android", + "anquan", + "anz", + "ao", + "aol", + "apartments", + "app", + "apple", + "aq", + "aquarelle", + "ar", + "arab", + "aramco", + "archi", + "army", + "arpa", + "art", + "arte", + "as", + "asda", + "asia", + "associates", + "at", + "athleta", + "attorney", + "au", + "auction", + "audi", + "audible", + "audio", + "auspost", + "author", + "auto", + "autos", + "avianca", + "aw", + "aws", + "ax", + "axa", + "az", + "azure", + "ba", + "baby", + "baidu", + "banamex", + "bananarepublic", + "band", + "bank", + "bar", + "barcelona", + "barclaycard", + "barclays", + "barefoot", + "bargains", + "baseball", + "basketball", + "bauhaus", + "bayern", + "bb", + "bbc", + "bbt", + "bbva", + "bcg", + "bcn", + "bd", + "be", + "beats", + "beauty", + "beer", + "bentley", + "berlin", + "best", + "bestbuy", + "bet", + "bf", + "bg", + "bh", + "bharti", + "bi", + "bible", + "bid", + "bike", + "bing", + "bingo", + "bio", + "biz", + "bj", + "black", + "blackfriday", + "blockbuster", + "blog", + "bloomberg", + "blue", + "bm", + "bms", + "bmw", + "bn", + "bnpparibas", + "bo", + "boats", + "boehringer", + "bofa", + "bom", + "bond", + "boo", + "book", + "booking", + "bosch", + "bostik", + "boston", + "bot", + "boutique", + "box", + "br", + "bradesco", + "bridgestone", + "broadway", + "broker", + "brother", + "brussels", + "bs", + "bt", + "budapest", + "bugatti", + "build", + "builders", + "business", + "buy", + "buzz", + "bv", + "bw", + "by", + "bz", + "bzh", + "ca", + "cab", + "cafe", + "cal", + "call", + "calvinklein", + "cam", + "camera", + "camp", + "cancerresearch", + "canon", + "capetown", + "capital", + "capitalone", + "car", + "caravan", + "cards", + "care", + "career", + "careers", + "cars", + "casa", + "case", + "cash", + "casino", + "cat", + "catering", + "catholic", + "cba", + "cbn", + "cbre", + "cbs", + "cc", + "cd", + "center", + "ceo", + "cern", + "cf", + "cfa", + "cfd", + "cg", + "ch", + "chanel", + "channel", + "charity", + "chase", + "chat", + "cheap", + "chintai", + "christmas", + "chrome", + "church", + "ci", + "cipriani", + "circle", + "cisco", + "citadel", + "citi", + "citic", + "city", + "cityeats", + "ck", + "cl", + "claims", + "cleaning", + "click", + "clinic", + "clinique", + "clothing", + "cloud", + "club", + "clubmed", + "cm", + "cn", + "co", + "coach", + "codes", + "coffee", + "college", + "cologne", + "com", + "comcast", + "commbank", + "community", + "company", + "compare", + "computer", + "comsec", + "condos", + "construction", + "consulting", + "contact", + "contractors", + "cooking", + "cookingchannel", + "cool", + "coop", + "corsica", + "country", + "coupon", + "coupons", + "courses", + "cpa", + "cr", + "credit", + "creditcard", + "creditunion", + "cricket", + "crown", + "crs", + "cruise", + "cruises", + "csc", + "cu", + "cuisinella", + "cv", + "cw", + "cx", + "cy", + "cymru", + "cyou", + "cz", + "dabur", + "dad", + "dance", + "data", + "date", + "dating", + "datsun", + "day", + "dclk", + "dds", + "de", + "deal", + "dealer", + "deals", + "degree", + "delivery", + "dell", + "deloitte", + "delta", + "democrat", + "dental", + "dentist", + "desi", + "design", + "dev", + "dhl", + "diamonds", + "diet", + "digital", + "direct", + "directory", + "discount", + "discover", + "dish", + "diy", + "dj", + "dk", + "dm", + "dnp", + "do", + "docs", + "doctor", + "dog", + "domains", + "dot", + "download", + "drive", + "dtv", + "dubai", + "duck", + "dunlop", + "dupont", + "durban", + "dvag", + "dvr", + "dz", + "earth", + "eat", + "ec", + "eco", + "edeka", + "edu", + "education", + "ee", + "eg", + "email", + "emerck", + "energy", + "engineer", + "engineering", + "enterprises", + "epson", + "equipment", + "er", + "ericsson", + "erni", + "es", + "esq", + "estate", + "et", + "etisalat", + "eu", + "eurovision", + "eus", + "events", + "exchange", + "expert", + "exposed", + "express", + "extraspace", + "fage", + "fail", + "fairwinds", + "faith", + "family", + "fan", + "fans", + "farm", + "farmers", + "fashion", + "fast", + "fedex", + "feedback", + "ferrari", + "ferrero", + "fi", + "fiat", + "fidelity", + "fido", + "film", + "final", + "finance", + "financial", + "fire", + "firestone", + "firmdale", + "fish", + "fishing", + "fit", + "fitness", + "fj", + "fk", + "flickr", + "flights", + "flir", + "florist", + "flowers", + "fly", + "fm", + "fo", + "foo", + "food", + "foodnetwork", + "football", + "ford", + "forex", + "forsale", + "forum", + "foundation", + "fox", + "fr", + "free", + "fresenius", + "frl", + "frogans", + "frontdoor", + "frontier", + "ftr", + "fujitsu", + "fun", + "fund", + "furniture", + "futbol", + "fyi", + "ga", + "gal", + "gallery", + "gallo", + "gallup", + "game", + "games", + "gap", + "garden", + "gay", + "gb", + "gbiz", + "gd", + "gdn", + "ge", + "gea", + "gent", + "genting", + "george", + "gf", + "gg", + "ggee", + "gh", + "gi", + "gift", + "gifts", + "gives", + "giving", + "gl", + "glade", + "glass", + "gle", + "global", + "globo", + "gm", + "gmail", + "gmbh", + "gmo", + "gmx", + "gn", + "godaddy", + "gold", + "goldpoint", + "golf", + "goo", + "goodyear", + "goog", + "google", + "gop", + "got", + "gov", + "gp", + "gq", + "gr", + "grainger", + "graphics", + "gratis", + "green", + "gripe", + "grocery", + "group", + "gs", + "gt", + "gu", + "guardian", + "gucci", + "guge", + "guide", + "guitars", + "guru", + "gw", + "gy", + "hair", + "hamburg", + "hangout", + "haus", + "hbo", + "hdfc", + "hdfcbank", + "health", + "healthcare", + "help", + "helsinki", + "here", + "hermes", + "hgtv", + "hiphop", + "hisamitsu", + "hitachi", + "hiv", + "hk", + "hkt", + "hm", + "hn", + "hockey", + "holdings", + "holiday", + "homedepot", + "homegoods", + "homes", + "homesense", + "honda", + "horse", + "hospital", + "host", + "hosting", + "hot", + "hoteles", + "hotels", + "hotmail", + "house", + "how", + "hr", + "hsbc", + "ht", + "hu", + "hughes", + "hyatt", + "hyundai", + "ibm", + "icbc", + "ice", + "icu", + "id", + "ie", + "ieee", + "ifm", + "ikano", + "il", + "im", + "imamat", + "imdb", + "immo", + "immobilien", + "in", + "inc", + "industries", + "infiniti", + "info", + "ing", + "ink", + "institute", + "insurance", + "insure", + "int", + "international", + "intuit", + "investments", + "io", + "ipiranga", + "iq", + "ir", + "irish", + "is", + "ismaili", + "ist", + "istanbul", + "it", + "itau", + "itv", + "jaguar", + "java", + "jcb", + "je", + "jeep", + "jetzt", + "jewelry", + "jio", + "jll", + "jm", + "jmp", + "jnj", + "jo", + "jobs", + "joburg", + "jot", + "joy", + "jp", + "jpmorgan", + "jprs", + "juegos", + "juniper", + "kaufen", + "kddi", + "ke", + "kerryhotels", + "kerrylogistics", + "kerryproperties", + "kfh", + "kg", + "kh", + "ki", + "kia", + "kim", + "kinder", + "kindle", + "kitchen", + "kiwi", + "km", + "kn", + "koeln", + "komatsu", + "kosher", + "kp", + "kpmg", + "kpn", + "kr", + "krd", + "kred", + "kuokgroup", + "kw", + "ky", + "kyoto", + "kz", + "la", + "lacaixa", + "lamborghini", + "lamer", + "lancaster", + "lancia", + "land", + "landrover", + "lanxess", + "lasalle", + "lat", + "latino", + "latrobe", + "law", + "lawyer", + "lb", + "lc", + "lds", + "lease", + "leclerc", + "lefrak", + "legal", + "lego", + "lexus", + "lgbt", + "li", + "lidl", + "life", + "lifeinsurance", + "lifestyle", + "lighting", + "like", + "lilly", + "limited", + "limo", + "lincoln", + "linde", + "link", + "lipsy", + "live", + "living", + "lixil", + "lk", + "llc", + "llp", + "loan", + "loans", + "locker", + "locus", + "loft", + "lol", + "london", + "lotte", + "lotto", + "love", + "lpl", + "lplfinancial", + "lr", + "ls", + "lt", + "ltd", + "ltda", + "lu", + "lundbeck", + "luxe", + "luxury", + "lv", + "ly", + "ma", + "macys", + "madrid", + "maif", + "maison", + "makeup", + "man", + "management", + "mango", + "map", + "market", + "marketing", + "markets", + "marriott", + "marshalls", + "maserati", + "mattel", + "mba", + "mc", + "mckinsey", + "md", + "me", + "med", + "media", + "meet", + "melbourne", + "meme", + "memorial", + "men", + "menu", + "merckmsd", + "mg", + "mh", + "miami", + "microsoft", + "mil", + "mini", + "mint", + "mit", + "mitsubishi", + "mk", + "ml", + "mlb", + "mls", + "mm", + "mma", + "mn", + "mo", + "mobi", + "mobile", + "moda", + "moe", + "moi", + "mom", + "monash", + "money", + "monster", + "mormon", + "mortgage", + "moscow", + "moto", + "motorcycles", + "mov", + "movie", + "mp", + "mq", + "mr", + "ms", + "msd", + "mt", + "mtn", + "mtr", + "mu", + "museum", + "music", + "mutual", + "mv", + "mw", + "mx", + "my", + "mz", + "na", + "nab", + "nagoya", + "name", + "natura", + "navy", + "nba", + "nc", + "ne", + "nec", + "net", + "netbank", + "netflix", + "network", + "neustar", + "new", + "news", + "next", + "nextdirect", + "nexus", + "nf", + "nfl", + "ng", + "ngo", + "nhk", + "ni", + "nico", + "nike", + "nikon", + "ninja", + "nissan", + "nissay", + "nl", + "no", + "nokia", + "northwesternmutual", + "norton", + "now", + "nowruz", + "nowtv", + "np", + "nr", + "nra", + "nrw", + "ntt", + "nu", + "nyc", + "nz", + "obi", + "observer", + "off", + "office", + "okinawa", + "olayan", + "olayangroup", + "oldnavy", + "ollo", + "om", + "omega", + "one", + "ong", + "onl", + "online", + "ooo", + "open", + "oracle", + "orange", + "org", + "organic", + "origins", + "osaka", + "otsuka", + "ott", + "ovh", + "pa", + "page", + "panasonic", + "paris", + "pars", + "partners", + "parts", + "passagens", + "pay", + "pccw", + "pe", + "pet", + "pf", + "pfizer", + "pg", + "ph", + "pharmacy", + "phd", + "philips", + "phone", + "photo", + "photography", + "photos", + "physio", + "pics", + "pictet", + "pictures", + "pid", + "pin", + "ping", + "pink", + "pioneer", + "pizza", + "pk", + "pl", + "place", + "play", + "playstation", + "plumbing", + "plus", + "pm", + "pn", + "pnc", + "pohl", + "poker", + "politie", + "porn", + "post", + "pr", + "pramerica", + "praxi", + "press", + "prime", + "pro", + "prod", + "productions", + "prof", + "progressive", + "promo", + "properties", + "property", + "protection", + "pru", + "prudential", + "ps", + "pt", + "pub", + "pw", + "pwc", + "py", + "qa", + "qpon", + "quebec", + "quest", + "racing", + "radio", + "raid", + "re", + "read", + "realestate", + "realtor", + "realty", + "recipes", + "red", + "redstone", + "redumbrella", + "rehab", + "reise", + "reisen", + "reit", + "reliance", + "ren", + "rent", + "rentals", + "repair", + "report", + "republican", + "rest", + "restaurant", + "review", + "reviews", + "rexroth", + "rich", + "richardli", + "ricoh", + "ril", + "rio", + "rip", + "ro", + "rocher", + "rocks", + "rodeo", + "rogers", + "room", + "rs", + "rsvp", + "ru", + "rugby", + "ruhr", + "run", + "rw", + "rwe", + "ryukyu", + "sa", + "saarland", + "safe", + "safety", + "sakura", + "sale", + "salon", + "samsclub", + "samsung", + "sandvik", + "sandvikcoromant", + "sanofi", + "sap", + "sarl", + "sas", + "save", + "saxo", + "sb", + "sbi", + "sbs", + "sc", + "sca", + "scb", + "schaeffler", + "schmidt", + "scholarships", + "school", + "schule", + "schwarz", + "science", + "scjohnson", + "scot", + "sd", + "se", + "search", + "seat", + "secure", + "security", + "seek", + "select", + "sener", + "services", + "ses", + "seven", + "sew", + "sex", + "sexy", + "sfr", + "sg", + "sh", + "shangrila", + "sharp", + "shaw", + "shell", + "shia", + "shiksha", + "shoes", + "shop", + "shopping", + "shouji", + "show", + "showtime", + "si", + "silk", + "sina", + "singles", + "site", + "sj", + "sk", + "ski", + "skin", + "sky", + "skype", + "sl", + "sling", + "sm", + "smart", + "smile", + "sn", + "sncf", + "so", + "soccer", + "social", + "softbank", + "software", + "sohu", + "solar", + "solutions", + "song", + "sony", + "soy", + "spa", + "space", + "sport", + "spot", + "sr", + "srl", + "ss", + "st", + "stada", + "staples", + "star", + "statebank", + "statefarm", + "stc", + "stcgroup", + "stockholm", + "storage", + "store", + "stream", + "studio", + "study", + "style", + "su", + "sucks", + "supplies", + "supply", + "support", + "surf", + "surgery", + "suzuki", + "sv", + "swatch", + "swiss", + "sx", + "sy", + "sydney", + "systems", + "sz", + "tab", + "taipei", + "talk", + "taobao", + "target", + "tatamotors", + "tatar", + "tattoo", + "tax", + "taxi", + "tc", + "tci", + "td", + "tdk", + "team", + "tech", + "technology", + "tel", + "temasek", + "tennis", + "teva", + "tf", + "tg", + "th", + "thd", + "theater", + "theatre", + "tiaa", + "tickets", + "tienda", + "tiffany", + "tips", + "tires", + "tirol", + "tj", + "tjmaxx", + "tjx", + "tk", + "tkmaxx", + "tl", + "tm", + "tmall", + "tn", + "to", + "today", + "tokyo", + "tools", + "top", + "toray", + "toshiba", + "total", + "tours", + "town", + "toyota", + "toys", + "tr", + "trade", + "trading", + "training", + "travel", + "travelchannel", + "travelers", + "travelersinsurance", + "trust", + "trv", + "tt", + "tube", + "tui", + "tunes", + "tushu", + "tv", + "tvs", + "tw", + "tz", + "ua", + "ubank", + "ubs", + "ug", + "uk", + "unicom", + "university", + "uno", + "uol", + "ups", + "us", + "uy", + "uz", + "va", + "vacations", + "vana", + "vanguard", + "vc", + "ve", + "vegas", + "ventures", + "verisign", + "versicherung", + "vet", + "vg", + "vi", + "viajes", + "video", + "vig", + "viking", + "villas", + "vin", + "vip", + "virgin", + "visa", + "vision", + "viva", + "vivo", + "vlaanderen", + "vn", + "vodka", + "volkswagen", + "volvo", + "vote", + "voting", + "voto", + "voyage", + "vu", + "vuelos", + "wales", + "walmart", + "walter", + "wang", + "wanggou", + "watch", + "watches", + "weather", + "weatherchannel", + "webcam", + "weber", + "website", + "wed", + "wedding", + "weibo", + "weir", + "wf", + "whoswho", + "wien", + "wiki", + "williamhill", + "win", + "windows", + "wine", + "winners", + "wme", + "wolterskluwer", + "woodside", + "work", + "works", + "world", + "wow", + "ws", + "wtc", + "wtf", + "xbox", + "xerox", + "xfinity", + "xihuan", + "xin", + "xn--11b4c3d", + "xn--1ck2e1b", + "xn--1qqw23a", + "xn--2scrj9c", + "xn--30rr7y", + "xn--3bst00m", + "xn--3ds443g", + "xn--3e0b707e", + "xn--3hcrj9c", + "xn--3pxu8k", + "xn--42c2d9a", + "xn--45br5cyl", + "xn--45brj9c", + "xn--45q11c", + "xn--4dbrk0ce", + "xn--4gbrim", + "xn--54b7fta0cc", + "xn--55qw42g", + "xn--55qx5d", + "xn--5su34j936bgsg", + "xn--5tzm5g", + "xn--6frz82g", + "xn--6qq986b3xl", + "xn--80adxhks", + "xn--80ao21a", + "xn--80aqecdr1a", + "xn--80asehdb", + "xn--80aswg", + "xn--8y0a063a", + "xn--90a3ac", + "xn--90ae", + "xn--90ais", + "xn--9dbq2a", + "xn--9et52u", + "xn--9krt00a", + "xn--b4w605ferd", + "xn--bck1b9a5dre4c", + "xn--c1avg", + "xn--c2br7g", + "xn--cck2b3b", + "xn--cckwcxetd", + "xn--cg4bki", + "xn--clchc0ea0b2g2a9gcd", + "xn--czr694b", + "xn--czrs0t", + "xn--czru2d", + "xn--d1acj3b", + "xn--d1alf", + "xn--e1a4c", + "xn--eckvdtc9d", + "xn--efvy88h", + "xn--fct429k", + "xn--fhbei", + "xn--fiq228c5hs", + "xn--fiq64b", + "xn--fiqs8s", + "xn--fiqz9s", + "xn--fjq720a", + "xn--flw351e", + "xn--fpcrj9c3d", + "xn--fzc2c9e2c", + "xn--fzys8d69uvgm", + "xn--g2xx48c", + "xn--gckr3f0f", + "xn--gecrj9c", + "xn--gk3at1e", + "xn--h2breg3eve", + "xn--h2brj9c", + "xn--h2brj9c8c", + "xn--hxt814e", + "xn--i1b6b1a6a2e", + "xn--imr513n", + "xn--io0a7i", + "xn--j1aef", + "xn--j1amh", + "xn--j6w193g", + "xn--jlq480n2rg", + "xn--jlq61u9w7b", + "xn--jvr189m", + "xn--kcrx77d1x4a", + "xn--kprw13d", + "xn--kpry57d", + "xn--kput3i", + "xn--l1acc", + "xn--lgbbat1ad8j", + "xn--mgb9awbf", + "xn--mgba3a3ejt", + "xn--mgba3a4f16a", + "xn--mgba7c0bbn0a", + "xn--mgbaakc7dvf", + "xn--mgbaam7a8h", + "xn--mgbab2bd", + "xn--mgbah1a3hjkrd", + "xn--mgbai9azgqp6j", + "xn--mgbayh7gpa", + "xn--mgbbh1a", + "xn--mgbbh1a71e", + "xn--mgbc0a9azcg", + "xn--mgbca7dzdo", + "xn--mgbcpq6gpa1a", + "xn--mgberp4a5d4ar", + "xn--mgbgu82a", + "xn--mgbi4ecexp", + "xn--mgbpl2fh", + "xn--mgbt3dhd", + "xn--mgbtx2b", + "xn--mgbx4cd0ab", + "xn--mix891f", + "xn--mk1bu44c", + "xn--mxtq1m", + "xn--ngbc5azd", + "xn--ngbe9e0a", + "xn--ngbrx", + "xn--node", + "xn--nqv7f", + "xn--nqv7fs00ema", + "xn--nyqy26a", + "xn--o3cw4h", + "xn--ogbpf8fl", + "xn--otu796d", + "xn--p1acf", + "xn--p1ai", + "xn--pgbs0dh", + "xn--pssy2u", + "xn--q7ce6a", + "xn--q9jyb4c", + "xn--qcka1pmc", + "xn--qxa6a", + "xn--qxam", + "xn--rhqv96g", + "xn--rovu88b", + "xn--rvc1e0am3e", + "xn--s9brj9c", + "xn--ses554g", + "xn--t60b56a", + "xn--tckwe", + "xn--tiq49xqyj", + "xn--unup4y", + "xn--vermgensberater-ctb", + "xn--vermgensberatung-pwb", + "xn--vhquv", + "xn--vuq861b", + "xn--w4r85el8fhu5dnra", + "xn--w4rs40l", + "xn--wgbh1c", + "xn--wgbl6a", + "xn--xhq521b", + "xn--xkc2al3hye2a", + "xn--xkc2dl3a5ee0h", + "xn--y9a3aq", + "xn--yfro4i67o", + "xn--ygbi2ammx", + "xn--zfr164b", + "xxx", + "xyz", + "yachts", + "yahoo", + "yamaxun", + "yandex", + "ye", + "yodobashi", + "yoga", + "yokohama", + "you", + "youtube", + "yt", + "yun", + "za", + "zappos", + "zara", + "zero", + "zip", + "zm", + "zone", + "zuerich", + "zw", + "skiptocontent", + "pullrequests", + "issues", + "marketplace", + "explore", + "@andnasnd", + "shouldbee/", + "reserved-usernames", + "public", + "code", + "issues4", + "actions", + "projects", + "insights", + "about", + "access", + "account", + "accounts", + "activate", + "activities", + "activity", + "add", + "address", + "adm", + "admin", + "administration", + "administrator", + "advertising", + "affiliate", + "affiliates", + "ajax", + "all", + "alpha", + "analysis", + "anon", + "anonymous", + "api", + "apps", + "archive", + "archives", + "article", + "asct", + "asset", + "atom", + "auth", + "authentication", + "avatar", + "backup", + "balancer-manager", + "banner", + "banners", + "beta", + "billing", + "bin", + "blogs", + "board", + "bookmark", + "bots", + "bug", + "cache", + "cadastro", + "calendar", + "campaign", + "cancel", + "captcha", + "cart", + "categories", + "category", + "cgi", + "cgi-bin", + "changelog", + "check", + "checking", + "checkout", + "client", + "cliente", + "clients", + "codereview", + "comercial", + "comment", + "comments", + "communities", + "compras", + "config", + "configuration", + "connect", + "contact-us", + "contact_us", + "contactus", + "contest", + "contribute", + "corp", + "create", + "css", + "dashboard", + "db", + "default", + "delete", + "demo", + "designer", + "destroy", + "devel", + "developer", + "developers", + "diagram", + "diary", + "dict", + "dictionary", + "die", + "dir", + "direct_messages", + "dist", + "doc", + "documentation", + "domain", + "downloads", + "ecommerce", + "edit", + "editor", + "employment", + "empty", + "end", + "enterprise", + "entries", + "entry", + "error", + "errors", + "eval", + "event", + "everyone", + "exit", + "facebook", + "faq", + "favorite", + "favorites", + "feature", + "features", + "feed", + "feeds", + "file", + "files", + "first", + "flash", + "fleet", + "fleets", + "flog", + "follow", + "followers", + "following", + "forgot", + "form", + "forums", + "founder", + "friend", + "friends", + "ftp", + "gadget", + "gadgets", + "get", + "ghost", + "gist", + "github", + "graph", + "groups", + "guest", + "guests", + "home", + "homepage", + "hostmaster", + "hostname", + "howto", + "hpg", + "html", + "http", + "httpd", + "https", + "i", + "iamges", + "icon", + "icons", + "idea", + "ideas", + "image", + "images", + "imap", + "img", + "index", + "indice", + "information", + "inquiry", + "instagram", + "intranet", + "invitations", + "invite", + "ipad", + "iphone", + "irc", + "issue", + "item", + "items", + "javascript", + "job", + "join", + "js", + "json", + "jump", + "knowledgebase", + "language", + "languages", + "last", + "ldap-status", + "license", + "links", + "linux", + "list", + "lists", + "log", + "log-in", + "log-out", + "log_in", + "log_out", + "login", + "logout", + "logs", + "m", + "mac", + "mail", + "mail1", + "mail2", + "mail3", + "mail4", + "mail5", + "mailer", + "mailing", + "maintenance", + "manager", + "manual", + "maps", + "master", + "member", + "members", + "message", + "messages", + "messenger", + "microblog", + "microblogs", + "mine", + "mis", + "mob", + "movies", + "mp3", + "msg", + "msn", + "musicas", + "mysql", + "named", + "nan", + "navi", + "navigation", + "newsletter", + "nick", + "nickname", + "notes", + "noticias", + "notification", + "notifications", + "notify", + "ns", + "ns1", + "ns10", + "ns2", + "ns3", + "ns4", + "ns5", + "ns6", + "ns7", + "ns8", + "ns9", + "null", + "oauth", + "oauth_clients", + "offer", + "offers", + "official", + "old", + "openid", + "operator", + "order", + "orders", + "organization", + "organizations", + "overview", + "owner", + "owners", + "pager", + "pages", + "panel", + "password", + "payment", + "perl", + "photoalbum", + "php", + "phpmyadmin", + "phppgadmin", + "phpredisadmin", + "pic", + "plan", + "plans", + "plugin", + "plugins", + "policy", + "pop", + "pop3", + "popular", + "portal", + "postfix", + "postmaster", + "posts", + "premium", + "price", + "pricing", + "privacy", + "privacy-policy", + "privacy_policy", + "privacypolicy", + "private", + "product", + "products", + "profile", + "project", + "purpose", + "put", + "python", + "query", + "random", + "ranking", + "readme", + "recent", + "recruit", + "recruitment", + "register", + "registration", + "release", + "remove", + "replies", + "reports", + "repositories", + "repository", + "req", + "request", + "requests", + "reset", + "roc", + "root", + "rss", + "ruby", + "rule", + "sag", + "sales", + "sample", + "samples", + "script", + "scripts", + "self", + "send", + "server", + "server-info", + "server-status", + "service", + "session", + "sessions", + "setting", + "settings", + "setup", + "share", + "sign-in", + "sign-up", + "sign_in", + "sign_up", + "signin", + "signout", + "signup", + "sitemap", + "sites", + "smartphone", + "smtp", + "soporte", + "source", + "spec", + "special", + "sql", + "src", + "ssh", + "ssl", + "ssladmin", + "ssladministrator", + "sslwebmaster", + "staff", + "stage", + "staging", + "start", + "stat", + "state", + "static", + "stats", + "status", + "stores", + "stories", + "styleguide", + "stylesheet", + "stylesheets", + "subdomain", + "subscribe", + "subscriptions", + "suporte", + "svn", + "swf", + "sys", + "sysadmin", + "sysadministrator", + "system", + "tablet", + "tablets", + "tag", + "task", + "tasks", + "teams", + "telnet", + "term", + "terms", + "terms-of-service", + "terms_of_service", + "termsofservice", + "test", + "test1", + "test2", + "test3", + "teste", + "testing", + "tests", + "theme", + "themes", + "thread", + "threads", + "tmp", + "todo", + "tool", + "topic", + "topics", + "tos", + "tour", + "translations", + "trends", + "tutorial", + "tux", + "twitter", + "undef", + "unfollow", + "unsubscribe", + "update", + "upload", + "uploads", + "url", + "usage", + "user", + "username", + "users", + "usuario", + "vendas", + "ver", + "version", + "videos", + "visitor", + "web", + "webhook", + "webhooks", + "webmail", + "webmaster", + "websites", + "welcome", + "widget", + "widgets", + "word", + "workshop", + "ww", + "wws", + "www", + "www1", + "www2", + "www3", + "www4", + "www5", + "www6", + "www7", + "wwws", + "wwww", + "xfn", + "xml", + "xmpp", + "xpg", + "yaml", + "year", + "yml", + "yourdomain", + "yourname", + "yoursite", + "yourusername", + "genesis" +] diff --git a/services/blob/src/config.rs b/services/blob/src/config.rs --- a/services/blob/src/config.rs +++ b/services/blob/src/config.rs @@ -1,6 +1,7 @@ use anyhow::Result; use clap::{ArgAction, Parser}; use once_cell::sync::Lazy; +use std::collections::HashSet; use tracing::info; use crate::constants::{ @@ -66,3 +67,23 @@ config_builder.load().await } + +fn get_all_reserved_invite_links() -> HashSet { + // All entries in `reserved_usernames.json` must be lowercase and must also be + // included in `lib/utils/reserved-users.js`!! + let contents = include_str!("../reserved_usernames.json"); + let reserved_usernames: Vec = serde_json::from_str(contents).unwrap(); + + reserved_usernames.into_iter().collect() +} +pub static RESERVED_INVITE_LINKS: Lazy> = + Lazy::new(get_all_reserved_invite_links); + +fn get_all_offensive_invite_links() -> HashSet { + let contents = include_str!("../third-party/bad-words/words.json"); + let reserved_usernames: Vec = serde_json::from_str(contents).unwrap(); + + reserved_usernames.into_iter().collect() +} +pub static OFFENSIVE_INVITE_LINKS: Lazy> = + Lazy::new(get_all_offensive_invite_links); diff --git a/services/blob/src/constants.rs b/services/blob/src/constants.rs --- a/services/blob/src/constants.rs +++ b/services/blob/src/constants.rs @@ -39,3 +39,5 @@ pub const S3_BUCKET_ENV_VAR: &str = "BLOB_S3_BUCKET_NAME"; pub const DEFAULT_S3_BUCKET_NAME: &str = "commapp-blob"; pub const S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE: u64 = 5 * 1024 * 1024; + +pub const INVITE_LINK_BLOB_HASH_PREFIX: &str = "invite_"; diff --git a/services/blob/src/http/errors.rs b/services/blob/src/http/errors.rs --- a/services/blob/src/http/errors.rs +++ b/services/blob/src/http/errors.rs @@ -52,6 +52,10 @@ debug!("Received request input error: {0:?} - {0}", err); ErrorBadRequest("bad request") } + BlobServiceError::InviteLinkError(invite_link_error) => { + debug!("Received invite link error: {0}", invite_link_error); + ErrorBadRequest("bad request") + } err => { error!("Received an unexpected error: {0:?} - {0}", err); ErrorInternalServerError("server error") diff --git a/services/blob/src/service.rs b/services/blob/src/service.rs --- a/services/blob/src/service.rs +++ b/services/blob/src/service.rs @@ -1,4 +1,5 @@ #![allow(unused)] +use regex::RegexSet; use std::collections::{BTreeMap, HashSet}; use std::ops::{Bound, Range, RangeBounds, RangeInclusive}; use std::sync::Arc; @@ -7,12 +8,15 @@ use chrono::Duration; use comm_lib::http::ByteStream; use comm_lib::tools::BoxedError; +use once_cell::sync::Lazy; use tokio_stream::StreamExt; use tonic::codegen::futures_core::Stream; use tracing::{debug, error, info, trace, warn}; -use crate::config::CONFIG; -use crate::constants::S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE; +use crate::config::{CONFIG, OFFENSIVE_INVITE_LINKS, RESERVED_INVITE_LINKS}; +use crate::constants::{ + INVITE_LINK_BLOB_HASH_PREFIX, S3_MULTIPART_UPLOAD_MINIMUM_CHUNK_SIZE, +}; use crate::database::types::{ BlobItemInput, BlobItemRow, PrimaryKey, UncheckedKind, }; @@ -21,6 +25,14 @@ use crate::tools::MemOps; use crate::{constants::BLOB_DOWNLOAD_CHUNK_SIZE, database::DatabaseClient}; +#[derive( + Debug, derive_more::Display, derive_more::From, derive_more::Error, +)] +pub enum InviteLinkError { + Reserved, + Offensive, +} + #[derive( Debug, derive_more::Display, derive_more::From, derive_more::Error, )] @@ -31,6 +43,7 @@ DB(DBError), S3(S3Error), InputError(#[error(ignore)] BoxedError), + InviteLinkError(InviteLinkError), } type BlobServiceResult = Result; @@ -49,6 +62,10 @@ pub orphan_protection_period: chrono::Duration, } +static OFFENSIVE_INVITE_LINKS_REGEX_SET: Lazy = Lazy::new(|| { + RegexSet::new(OFFENSIVE_INVITE_LINKS.iter().collect::>()).unwrap() +}); + impl Default for BlobServiceConfig { fn default() -> Self { BlobServiceConfig { @@ -117,6 +134,23 @@ Ok(session) } + fn validate_invite_link_blob_hash( + invite_secret: &str, + ) -> Result<(), BlobServiceError> { + let lowercase_secret = invite_secret.to_lowercase(); + if (RESERVED_INVITE_LINKS.contains(&lowercase_secret)) { + debug!("Reserved invite link"); + return Err(BlobServiceError::InviteLinkError(InviteLinkError::Reserved)); + } + if (OFFENSIVE_INVITE_LINKS_REGEX_SET.is_match(&lowercase_secret)) { + debug!("Offensive invite link"); + return Err(BlobServiceError::InviteLinkError( + InviteLinkError::Offensive, + )); + } + Ok(()) + } + pub async fn put_blob( &self, blob_hash: impl Into, @@ -125,11 +159,17 @@ let blob_hash: String = blob_hash.into(); let blob_item = BlobItemInput::new(&blob_hash); - if self.db.get_blob_item(blob_hash).await?.is_some() { + if self.db.get_blob_item(&blob_hash).await?.is_some() { debug!("Blob already exists"); return Err(BlobServiceError::BlobAlreadyExists); } + if let Some(invite_secret) = + blob_hash.strip_prefix(INVITE_LINK_BLOB_HASH_PREFIX) + { + Self::validate_invite_link_blob_hash(&invite_secret)?; + } + let mut upload_session = self.s3.start_upload_session(&blob_item.s3_path).await?; trace!(?blob_item, "Started S3 upload session"); diff --git a/services/blob/third-party/bad-words/LICENSE b/services/blob/third-party/bad-words/LICENSE new file mode 100644 --- /dev/null +++ b/services/blob/third-party/bad-words/LICENSE @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2015 Michael Price + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/services/blob/third-party/bad-words/words.json b/services/blob/third-party/bad-words/words.json new file mode 100644 --- /dev/null +++ b/services/blob/third-party/bad-words/words.json @@ -0,0 +1,449 @@ +[ + "ahole", + "anus", + "ash0le", + "ash0les", + "asholes", + "ass", + "Ass Monkey", + "Assface", + "assh0le", + "assh0lez", + "asshole", + "assholes", + "assholz", + "asswipe", + "azzhole", + "bassterds", + "bastard", + "bastards", + "bastardz", + "basterds", + "basterdz", + "Biatch", + "bitch", + "bitches", + "Blow Job", + "boffing", + "butthole", + "buttwipe", + "c0ck", + "c0cks", + "c0k", + "Carpet Muncher", + "cawk", + "cawks", + "Clit", + "cnts", + "cntz", + "cock", + "cockhead", + "cock-head", + "cocks", + "CockSucker", + "cock-sucker", + "crap", + "cum", + "cunt", + "cunts", + "cuntz", + "dick", + "dild0", + "dild0s", + "dildo", + "dildos", + "dilld0", + "dilld0s", + "dominatricks", + "dominatrics", + "dominatrix", + "dyke", + "enema", + "f u c k", + "f u c k e r", + "fag", + "fag1t", + "faget", + "fagg1t", + "faggit", + "faggot", + "fagg0t", + "fagit", + "fags", + "fagz", + "faig", + "faigs", + "fart", + "flipping the bird", + "fuck", + "fucker", + "fuckin", + "fucking", + "fucks", + "Fudge Packer", + "fuk", + "Fukah", + "Fuken", + "fuker", + "Fukin", + "Fukk", + "Fukkah", + "Fukken", + "Fukker", + "Fukkin", + "g00k", + "God-damned", + "h00r", + "h0ar", + "h0re", + "hells", + "hoar", + "hoor", + "hoore", + "jackoff", + "jap", + "japs", + "jerk-off", + "jisim", + "jiss", + "jizm", + "jizz", + "knob", + "knobs", + "knobz", + "kunt", + "kunts", + "kuntz", + "Lezzian", + "Lipshits", + "Lipshitz", + "masochist", + "masokist", + "massterbait", + "masstrbait", + "masstrbate", + "masterbaiter", + "masterbate", + "masterbates", + "Motha Fucker", + "Motha Fuker", + "Motha Fukkah", + "Motha Fukker", + "Mother Fucker", + "Mother Fukah", + "Mother Fuker", + "Mother Fukkah", + "Mother Fukker", + "mother-fucker", + "Mutha Fucker", + "Mutha Fukah", + "Mutha Fuker", + "Mutha Fukkah", + "Mutha Fukker", + "n1gr", + "nastt", + "nigger;", + "nigur;", + "niiger;", + "niigr;", + "orafis", + "orgasim;", + "orgasm", + "orgasum", + "oriface", + "orifice", + "orifiss", + "packi", + "packie", + "packy", + "paki", + "pakie", + "paky", + "pecker", + "peeenus", + "peeenusss", + "peenus", + "peinus", + "pen1s", + "penas", + "penis", + "penis-breath", + "penus", + "penuus", + "Phuc", + "Phuck", + "Phuk", + "Phuker", + "Phukker", + "polac", + "polack", + "polak", + "Poonani", + "pr1c", + "pr1ck", + "pr1k", + "pusse", + "pussee", + "pussy", + "puuke", + "puuker", + "qweir", + "recktum", + "rectum", + "retard", + "sadist", + "scank", + "schlong", + "screwing", + "semen", + "sex", + "sexy", + "Sh!t", + "sh1t", + "sh1ter", + "sh1ts", + "sh1tter", + "sh1tz", + "shit", + "shits", + "shitter", + "Shitty", + "Shity", + "shitz", + "Shyt", + "Shyte", + "Shytty", + "Shyty", + "skanck", + "skank", + "skankee", + "skankey", + "skanks", + "Skanky", + "slag", + "slut", + "sluts", + "Slutty", + "slutz", + "son-of-a-bitch", + "tit", + "turd", + "va1jina", + "vag1na", + "vagiina", + "vagina", + "vaj1na", + "vajina", + "vullva", + "vulva", + "w0p", + "wh00r", + "wh0re", + "whore", + "xrated", + "xxx", + "b!+ch", + "bitch", + "blowjob", + "clit", + "arschloch", + "fuck", + "shit", + "ass", + "asshole", + "b!tch", + "b17ch", + "b1tch", + "bastard", + "bi+ch", + "boiolas", + "buceta", + "c0ck", + "cawk", + "chink", + "cipa", + "clits", + "cock", + "cum", + "cunt", + "dildo", + "dirsa", + "ejakulate", + "fatass", + "fcuk", + "fuk", + "fux0r", + "hoer", + "hore", + "jism", + "kawk", + "l3itch", + "l3i+ch", + "masturbate", + "masterbat.*", + "masterbat3", + "motherfucker", + "s.o.b.", + "mofo", + "nazi", + "nigga", + "nigger", + "nutsack", + "phuck", + "pimpis", + "pusse", + "pussy", + "scrotum", + "sh!t", + "shemale", + "shi+", + "sh!+", + "slut", + "smut", + "teets", + "tits", + "boobs", + "b00bs", + "teez", + "testical", + "testicle", + "titt", + "w00se", + "jackoff", + "wank", + "whoar", + "whore", + ".*damn", + ".*dyke", + ".*fuck.*", + ".*shit.*", + "@$$", + "amcik", + "andskota", + "arse.*", + "assrammer", + "ayir", + "bi7ch", + "bitch.*", + "bollock.*", + "breasts", + "butt-pirate", + "cabron", + "cazzo", + "chraa", + "chuj", + "Cock.*", + "cunt.*", + "d4mn", + "daygo", + "dego", + "dick.*", + "dike.*", + "dupa", + "dziwka", + "ejackulate", + "Ekrem.*", + "Ekto", + "enculer", + "faen", + "fag.*", + "fanculo", + "fanny", + "feces", + "feg", + "Felcher", + "ficken", + "fitt.*", + "Flikker", + "foreskin", + "Fotze", + "Fu\\(.*", + "fuk.*", + "futkretzn", + "gook", + "guiena", + "h0r", + "h4x0r", + "hell", + "helvete", + "hoer.*", + "honkey", + "Huevon", + "hui", + "injun", + "jizz", + "kanker.*", + "kike", + "klootzak", + "kraut", + "knulle", + "kuk", + "kuksuger", + "Kurac", + "kurwa", + "kusi.*", + "kyrpa.*", + "lesbo", + "mamhoon", + "masturbat.*", + "merd.*", + "mibun", + "monkleigh", + "mouliewop", + "muie", + "mulkku", + "muschi", + "nazis", + "nepesaurio", + "nigger.*", + "orospu", + "paska.*", + "perse", + "picka", + "pierdol.*", + "pillu.*", + "pimmel", + "piss.*", + "pizda", + "poontsee", + "poop", + "porn", + "p0rn", + "pr0n", + "preteen", + "pula", + "pule", + "puta", + "puto", + "qahbeh", + "queef.*", + "rautenberg", + "schaffer", + "scheiss.*", + "schlampe", + "schmuck", + "screw", + "sh!t.*", + "sharmuta", + "sharmute", + "shipal", + "shiz", + "skribz", + "skurwysyn", + "sphencter", + "spic", + "spierdalaj", + "splooge", + "suka", + "b00b.*", + "testicle.*", + "titt.*", + "twat", + "vittu", + "wank.*", + "wetback.*", + "wichser", + "wop.*", + "yed", + "zabourah" +]