Commit Graph

145 Commits (15cb3528cbda7b6198f49a6b5953c226d701696b)

Author SHA1 Message Date
Simon Sawicki de015e9307
[core] Prevent RCE when using `--exec` with `%q` (CVE-2023-40581)
The shell escape function is now using `""` instead of `\"`. `utils.Popen` has been patched to properly quote commands.

Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg for reference.

Authored by: Grub4K
1 year ago
bashonly 5ca095cbcd
[cleanup] Misc (#8182)
Closes #7796, Closes #8028
Authored by: barsnick, sqrtNOT, gamer191, coletdjnz, Grub4K, bashonly
1 year ago
pukkandan 6148833f5c
[cleanup] Misc 2 years ago
pukkandan 62b5c94cad
[cleanup] Misc fixes
Closes #7528
2 years ago
pukkandan a264433c9f
[outtmpl] Fix replacement for `playlist_index` 2 years ago
bashonly 6c5211cebe
[core] Fix HTTP headers and cookie handling
- Remove `Cookie` header from `http_headers` immediately after loading into cookiejar
- Restore compat for `--load-info-json` cookies
- Add more tests
- Fix improper passing of Cookie header by `MailRu` extractor

Closes #7558
Authored by: bashonly, pukkandan
2 years ago
Simon Sawicki 3121512228
[core] Change how `Cookie` headers are handled
Cookies are now saved and loaded under `cookies` key in the info dict
instead of `http_headers.Cookie`. Cookies passed in headers are
auto-scoped to the input URLs with a warning.

Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj

Authored by: Grub4K
2 years ago
pukkandan 47bcd43724
[outtmpl] Pad `playlist_index` etc even when with internal formatting
Closes #7501
2 years ago
pukkandan 1619ab3e67
Bugfix for ebe1b4e34f 2 years ago
pukkandan ad54c9130e
[cleanup] Misc
Closes #6288, Closes #7197, Closes #7265, Closes #7353, Closes #5773
Authored by: mikf, freezboltz, pukkandan
2 years ago
pukkandan ebe1b4e34f
[outtmpl] Fix some minor bugs
Closes #7164
2 years ago
coletdjnz 08916a49c7
[core] Improve HTTP redirect handling (#7094)
Aligns HTTP redirect handling with what browsers commonly do and RFC standards. 

Fixes issues afac4caa7d missed.

Authored by: coletdjnz
2 years ago
pukkandan 6f2287cb18
[cleanup] Misc
Closes #7030, closes #6967
2 years ago
pukkandan ec9311c41b
[outtmpl] Support `str.format` syntax inside replacements
Closes #6843
2 years ago
pukkandan 78fde6e339
[outtmpl] Allow `\n` in replacements and default.
Fixes: https://github.com/yt-dlp/yt-dlp/issues/6808#issuecomment-1510055357
Fixes: https://github.com/yt-dlp/yt-dlp/issues/6808#issuecomment-1510363645
2 years ago
pukkandan 9f14daf22b
[extractor] Deprecate `_sort_formats` 2 years ago
pukkandan 07a1250e0e
[outtmpl] Curly braces to filter keys 2 years ago
pukkandan d2c8aadf79
[cleanup] Misc
Closes #4710, Closes #4754, Closes #4723
Authored by: pukkandan, MrRawes, DavidH-2022
2 years ago
pukkandan 97d9c79e92
Fix tests for 989a01c261 3 years ago
pukkandan f2df407165
[cleanup] Misc cleanup 3 years ago
pukkandan 14f25df2b6
[compat] Remove deprecated functions from core code 3 years ago
pukkandan 54007a45f1
[cleanup] Consistent style for file heads 3 years ago
pukkandan ac66811112
[compat] Remove more functions
Removing any more will require changes to a large number of extractors
3 years ago
pukkandan f0500bd1e4
[test] Fix `FakeYDL` signatures
Authored by: coletdjnz
3 years ago
pukkandan 7e9a612585
Add option `--lazy-playlist` to process entries as they are received 3 years ago
pukkandan 7e88d7d78f
Add slicing notation to `--playlist-items`
* Adds support for negative indices and step
* Add `-I` as alias for `--playlist-index`
* Deprecates `--playlist-start`, `--playlist-end`, `--playlist-reverse`, `--no-playlist-reverse`

Closes #2951, Closes #2853
3 years ago
pukkandan 0a5a191a2a
Improve `--clean-infojson`
It should not removes fields that may be needed for `--load-infojson`.
Eg: `_ffmpeg_args`, `_has_drm`
3 years ago
pukkandan f82711587c
[cleanup] Sort imports
Using https://github.com/PyCQA/isort

    isort -m VERTICAL_HANGING_INDENT --py 36 -l 80 --rr -n --tc .
3 years ago
pukkandan 86e5f3ed2e
[cleanup] Upgrade syntax
Using https://github.com/asottile/pyupgrade

1. `__future__` imports and `coding: utf-8` were removed
2. Files were rewritten with `pyupgrade --py36-plus --keep-percent-format`
3. f-strings were cherry-picked from `pyupgrade --py36-plus`

Extractors are left untouched (except removing header) to avoid unnecessary merge conflicts
3 years ago
pukkandan 34baa9fdf0
[outtmpl] Fix replacement/default when used with alternate 3 years ago
pukkandan 6db9c4d57d
Ignore format-specific fields in initial pass of `--match-filter`
Closes #3074
3 years ago
pukkandan 09b49e1f68
Add pre-processor stage `after_filter`
* Move `_match_entry` and `post_extract` to `process_video_result`. It is also left in `process_info` for API compat
* `--list-...` options and `--force-write-archive` now obey filtering options
* Move `SponsorBlockPP` to `after_filter`. Closes https://github.com/yt-dlp/yt-dlp/issues/2536
* Reverts 4ec82a72bb since this commit addresses the issue it was solving
3 years ago
pukkandan 9e907ebddf
[cleanup] Misc cleanup 3 years ago
pukkandan f46e2f9d92
Add key `requested_downloads` in the root `info_dict` 3 years ago
pukkandan abbeeebc4c
[outtmpl] Alternate form for `D` and fix suffix's case
Fixes: https://github.com/yt-dlp/yt-dlp/issues/2085#issuecomment-1002247689, https://github.com/yt-dlp/yt-dlp/pull/2132/files#r775729811
3 years ago
pukkandan 37893bb0c9
[outtmpl] Change filename sanitization type to `S`
`F` is already used for float!
Bug in e0fd95737d
3 years ago
pukkandan b69fd25c25
[cleanup] Misc cleanup
Closes #1942 #1976 #2020 #2058 #1984
3 years ago
pukkandan e0fd95737d
[outtmpl] Add alternate forms `F`, `D`
and improve `id` detection

F = sanitize as filename (# = restricted)
D = add Decimal suffixes

Closes #2085, 2081
3 years ago
PilzAdam e978789f0f
[outtmpl] Add operator `&` for replacement text (#2012)
Authored by: PilzAdam
3 years ago
pukkandan dd2a987d3f
[tests] Fix tests 3 years ago
pukkandan 4476d2c764
[outtmpl] Add alternate forms for `q` and `j` 3 years ago
pukkandan 582fad70f5
[outtmpl] Do not traverse `None`
Closes #1585
3 years ago
pukkandan b836dc94f2
[outtmpl] Fix bug in expanding environment variables 3 years ago
pukkandan 819e05319b
Improved progress reporting (See desc) (#1125)
* Separate `--console-title` and `--no-progress`
* Add option `--progress` to show progress-bar even in quiet mode
* Fix and refactor `minicurses`
* Use `minicurses` for all progress reporting
* Standardize use of terminal sequences and enable color support for windows 10
* Add option `--progress-template` to customize progress-bar and console-title
* Add postprocessor hooks and progress reporting

Closes: #906, #901, #1085, #1170
3 years ago
pukkandan e6f21b3d92
[docs,cleanup] Some minor refactoring and improve docs 3 years ago
pukkandan 91dd88b90f
[outtmpl] Alternate form of format type `l` for `\n` delimited list 3 years ago
pukkandan 524e2e4fda
[outtmpl] Format type `U` for unicode normalization 3 years ago
pukkandan ff1c7fc9d3
Allow `0` in `--playlist-items` 3 years ago
pukkandan 7c37ff97d3
Allow alternate fields in outtmpl
Closes #899, #1004
3 years ago
pukkandan f5aa5cfbff
Add format type `B` for outtmpl to treat the value as bytes
This is useful to limit the filename to a certain number of bytes rather than characters
Closes #1003
3 years ago