fix: redirect anonymous commenters to login instead of crashing

app/routes/post.py

@@ -18,6 +18,7 @@
 from utils.forms.comment_form import CommentForm
 from utils.generate_url_id_from_post import get_slug_from_post_title
 from utils.log import Log
+from utils.sanitize_for_log import sanitize_for_log
 from utils.time import current_time_stamp
 
 post_blueprint = Blueprint("post", __name__)
@@ -50,6 +51,15 @@ def post(url_id=None, slug=None):
                 delete_comment(request.form["comment_id"])
                 return redirect(url_for("post.post", url_id=url_id)), 301
 
+            if "username" not in session:
+                safe_remote_addr = sanitize_for_log(request.remote_addr)
+                safe_url_id = sanitize_for_log(url_id)
+                Log.error(
+                    f"{safe_remote_addr} tried to comment on post: "
+                    f'"{safe_url_id}" without logging in',
+                )
+                return redirect(f"/login/redirect=&post&{url_id}")
+
             comment_text = escape(request.form["comment"])
 
             new_comment = Comment(

app/utils/sanitize_for_log.py

@@ -0,0 +1,15 @@
+"""
+This module contains the function to sanitize untrusted values before they are
+written to log output.
+"""
+
+
+def sanitize_for_log(value):
+    """Strip CR/LF characters from a value before it is interpolated into a log message.
+
+    Request-derived values (client IPs, URL segments, etc.) are attacker
+    controlled. Logging them unsanitized lets an attacker inject carriage
+    return / line feed characters and forge fake log lines (CWE-117).
+    """
+
+    return str(value).replace("\r", "").replace("\n", "")