rhodecode-enterprise-ce Files · rhodecode/tweens.py

pull-requests: add merge check that detects WIP marker in title. This will prevent merges in such case....

pull-requests: add merge check that detects WIP marker in title. This will prevent merges in such case. Usually WIP in title means unfinished task that needs still some work. This pattern is present in Gitlab/Github and is already quite common.

marcink - - Load All Authors

File last commit:

r3776:8199476a new-ui


                r4099:c12e69d0

default

Download file

             tweens.py
        
                    118 lines
            
             | 3.9 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / tweens.py
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
project: added all source files and assets

              r1
            
      # -*- coding: utf-8 -*-

        marcink
    
docs: updated copyrights to 2019

              r3363
            
      # Copyright (C) 2010-2019 RhodeCode GmbH

        marcink
    
project: added all source files and assets

              r1
            
      #

      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU Affero General Public License, version 3

      # (only), as published by the Free Software Foundation.

      #

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      #

      # You should have received a copy of the GNU Affero General Public License

      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

      #

      # This program is dual-licensed. If you wish to learn more about the

      # RhodeCode Enterprise Edition, including its added features, Support services,

      # and proprietary license terms, please see https://rhodecode.com/licenses/

      import logging

        marcink
    
core: use application wide detection of invalid bytes sent via URL/GET/POST data.

              r3145
            
      from pyramid.httpexceptions import HTTPException, HTTPBadRequest

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
      from rhodecode.lib.middleware.vcs import (

          detect_vcs_request, VCS_TYPE_KEY, VCS_TYPE_SKIP)

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
        marcink
    
project: added all source files and assets

              r1
            
      log = logging.getLogger(__name__)

        marcink
    
core: use proper event to bootstrap pylons env....

              r1309
            
      def vcs_detection_tween_factory(handler, registry):

        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
        marcink
    
core: use proper event to bootstrap pylons env....

              r1309
            
          def vcs_detection_tween(request):

        marcink
    
project: added all source files and assets

              r1
            
              """

        marcink
    
core: use proper event to bootstrap pylons env....

              r1309
            
              Do detection of vcs type, and save results for other layers to re-use

              this information

        marcink
    
project: added all source files and assets

              r1
            
              """

        marcink
    
pylons: remove pylons as dependency...

              r2351
            
              vcs_server_enabled = request.registry.settings.get('vcs.server.enable')

              vcs_handler = vcs_server_enabled and detect_vcs_request(

        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
                  request.environ, request.registry.settings.get('vcs.backends'))

              if vcs_handler:

        marcink
    
code: added more logging, and some notes

              r1300
            
                  # save detected VCS type for later re-use

        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
                  request.environ[VCS_TYPE_KEY] = vcs_handler.SCM

        marcink
    
core: use proper event to bootstrap pylons env....

              r1309
            
                  request.vcs_call = vcs_handler.SCM

        marcink
    
pylons: remove pylons as dependency...

              r2351
            
                  log.debug('Processing request with `%s` handler', handler)

        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
                  return handler(request)

        marcink
    
code: added more logging, and some notes

              r1300
            
              # mark that we didn't detect an VCS, and we can skip detection later on

        marcink
    
vcs: do an early detection of vcs-type request....

              r1297
            
              request.environ[VCS_TYPE_KEY] = VCS_TYPE_SKIP

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
pylons: remove pylons as dependency...

              r2351
            
              log.debug('Processing request with `%s` handler', handler)

        dan
    
db: move Session.remove to outer wsgi layer and also add it...

              r669
            
              return handler(request)

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
core: use proper event to bootstrap pylons env....

              r1309
            
          return vcs_detection_tween

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
core: use application wide detection of invalid bytes sent via URL/GET/POST data.

              r3145
            
      def junk_encoding_detector(request):

          """

          Detect bad encoded GET params, and fail immediately with BadRequest

          """

          try:

              request.GET.get("", None)

          except UnicodeDecodeError:

              raise HTTPBadRequest("Invalid bytes in query string.")

      def bad_url_data_detector(request):

          """

          Detect invalid bytes in a path.

          """

          try:

              request.path_info

          except UnicodeDecodeError:

              raise HTTPBadRequest("Invalid bytes in URL.")

      def junk_form_data_detector(request):

          """

          Detect bad encoded POST params, and fail immediately with BadRequest

          """

          if request.method == "POST":

              try:

                  request.POST.get("", None)

              except ValueError:

                  raise HTTPBadRequest("Invalid bytes in form data.")

      def sanity_check_factory(handler, registry):

          def sanity_check(request):

        marcink
    
tests: fixed some tests for files pages.

              r3776
            
              log.debug('Checking current URL sanity for bad data')

        marcink
    
core: use application wide detection of invalid bytes sent via URL/GET/POST data.

              r3145
            
              try:

                  junk_encoding_detector(request)

                  bad_url_data_detector(request)

                  junk_form_data_detector(request)

              except HTTPException as exc:

                  return exc

              return handler(request)

          return sanity_check

        marcink
    
project: added all source files and assets

              r1
            
      def includeme(config):

          config.add_subscriber('rhodecode.subscribers.add_renderer_globals',

                                'pyramid.events.BeforeRender')

        marcink
    
i18n: use consistent way of setting user language.

              r1307
            
          config.add_subscriber('rhodecode.subscribers.set_user_lang',

                                'pyramid.events.NewRequest')

        marcink
    
project: added all source files and assets

              r1
            
          config.add_subscriber('rhodecode.subscribers.add_localizer',

                                'pyramid.events.NewRequest')

        marcink
    
pyramid: moved extraction of user into a seperate subscriber.

              r1903
            
          config.add_subscriber('rhodecode.subscribers.add_request_user_context',

                                'pyramid.events.ContextFound')

        marcink
    
tweens: check url sanity before vcs detection tween.

              r3537
            
          config.add_tween('rhodecode.tweens.vcs_detection_tween_factory')

        marcink
    
core: use application wide detection of invalid bytes sent via URL/GET/POST data.

              r3145
            
          config.add_tween('rhodecode.tweens.sanity_check_factory')

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink project: added all source files and assets	r1	# -- coding: utf-8 --

marcink docs: updated copyrights to 2019	r3363	# Copyright (C) 2010-2019 RhodeCode GmbH
marcink project: added all source files and assets	r1	#
		# This program is free software: you can redistribute it and/or modify
		# it under the terms of the GNU Affero General Public License, version 3
		# (only), as published by the Free Software Foundation.
		#
		# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
		#
		# You should have received a copy of the GNU Affero General Public License
		# along with this program. If not, see <http://www.gnu.org/licenses/>.
		#
		# This program is dual-licensed. If you wish to learn more about the
		# RhodeCode Enterprise Edition, including its added features, Support services,
		# and proprietary license terms, please see https://rhodecode.com/licenses/


		import logging
marcink core: use application wide detection of invalid bytes sent via URL/GET/POST data.	r3145	from pyramid.httpexceptions import HTTPException, HTTPBadRequest
marcink project: added all source files and assets	r1
marcink vcs: do an early detection of vcs-type request....	r1297	from rhodecode.lib.middleware.vcs import (
		detect_vcs_request, VCS_TYPE_KEY, VCS_TYPE_SKIP)
marcink project: added all source files and assets	r1
marcink vcs: do an early detection of vcs-type request....	r1297
marcink project: added all source files and assets	r1	log = logging.getLogger(__name__)


marcink core: use proper event to bootstrap pylons env....	r1309	def vcs_detection_tween_factory(handler, registry):
marcink vcs: do an early detection of vcs-type request....	r1297
marcink core: use proper event to bootstrap pylons env....	r1309	def vcs_detection_tween(request):
marcink project: added all source files and assets	r1	"""
marcink core: use proper event to bootstrap pylons env....	r1309	Do detection of vcs type, and save results for other layers to re-use
		this information
marcink project: added all source files and assets	r1	"""
marcink pylons: remove pylons as dependency...	r2351	vcs_server_enabled = request.registry.settings.get('vcs.server.enable')
		vcs_handler = vcs_server_enabled and detect_vcs_request(
marcink vcs: do an early detection of vcs-type request....	r1297	request.environ, request.registry.settings.get('vcs.backends'))

		if vcs_handler:
marcink code: added more logging, and some notes	r1300	# save detected VCS type for later re-use
marcink vcs: do an early detection of vcs-type request....	r1297	request.environ[VCS_TYPE_KEY] = vcs_handler.SCM
marcink core: use proper event to bootstrap pylons env....	r1309	request.vcs_call = vcs_handler.SCM
marcink pylons: remove pylons as dependency...	r2351
		log.debug('Processing request with `%s` handler', handler)
marcink vcs: do an early detection of vcs-type request....	r1297	return handler(request)

marcink code: added more logging, and some notes	r1300	# mark that we didn't detect an VCS, and we can skip detection later on
marcink vcs: do an early detection of vcs-type request....	r1297	request.environ[VCS_TYPE_KEY] = VCS_TYPE_SKIP
marcink project: added all source files and assets	r1
marcink pylons: remove pylons as dependency...	r2351	log.debug('Processing request with `%s` handler', handler)
dan db: move Session.remove to outer wsgi layer and also add it...	r669	return handler(request)
marcink project: added all source files and assets	r1
marcink core: use proper event to bootstrap pylons env....	r1309	return vcs_detection_tween
marcink project: added all source files and assets	r1

marcink core: use application wide detection of invalid bytes sent via URL/GET/POST data.	r3145	def junk_encoding_detector(request):
		"""
		Detect bad encoded GET params, and fail immediately with BadRequest
		"""

		try:
		request.GET.get("", None)
		except UnicodeDecodeError:
		raise HTTPBadRequest("Invalid bytes in query string.")


		def bad_url_data_detector(request):
		"""
		Detect invalid bytes in a path.
		"""
		try:
		request.path_info
		except UnicodeDecodeError:
		raise HTTPBadRequest("Invalid bytes in URL.")


		def junk_form_data_detector(request):
		"""
		Detect bad encoded POST params, and fail immediately with BadRequest
		"""

		if request.method == "POST":
		try:
		request.POST.get("", None)
		except ValueError:
		raise HTTPBadRequest("Invalid bytes in form data.")


		def sanity_check_factory(handler, registry):
		def sanity_check(request):
marcink tests: fixed some tests for files pages.	r3776	log.debug('Checking current URL sanity for bad data')
marcink core: use application wide detection of invalid bytes sent via URL/GET/POST data.	r3145	try:
		junk_encoding_detector(request)
		bad_url_data_detector(request)
		junk_form_data_detector(request)
		except HTTPException as exc:
		return exc

		return handler(request)

		return sanity_check


marcink project: added all source files and assets	r1	def includeme(config):
		config.add_subscriber('rhodecode.subscribers.add_renderer_globals',
		'pyramid.events.BeforeRender')
marcink i18n: use consistent way of setting user language.	r1307	config.add_subscriber('rhodecode.subscribers.set_user_lang',
		'pyramid.events.NewRequest')
marcink project: added all source files and assets	r1	config.add_subscriber('rhodecode.subscribers.add_localizer',
		'pyramid.events.NewRequest')
marcink pyramid: moved extraction of user into a seperate subscriber.	r1903	config.add_subscriber('rhodecode.subscribers.add_request_user_context',
		'pyramid.events.ContextFound')
marcink tweens: check url sanity before vcs detection tween.	r3537	config.add_tween('rhodecode.tweens.vcs_detection_tween_factory')
marcink core: use application wide detection of invalid bytes sent via URL/GET/POST data.	r3145	config.add_tween('rhodecode.tweens.sanity_check_factory')