configs: fixed IP extraction in gunicorn
configs: fixed IP extraction in gunicorn

File last commit:

r4768:f604047c default
r4829:e4b422d5 default
tweens.py
124 lines | 4.1 KiB | text/x-python | PythonLexer
r1 # -*- coding: utf-8 -*-
r4306 # Copyright (C) 2010-2020 RhodeCode GmbH
r1 #
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
import logging
r3145 from pyramid.httpexceptions import HTTPException, HTTPBadRequest
r1297 from rhodecode.lib.middleware.vcs import (
detect_vcs_request, VCS_TYPE_KEY, VCS_TYPE_SKIP)
r1 log = logging.getLogger(__name__)
def vcs_detection_tween_factory(handler, registry):
    """
    Build the tween that classifies each request as VCS or non-VCS traffic.

    :param handler: next handler in the tween chain; it is called once per
        request, after the request has been annotated.
    :param registry: application registry; unused here, the settings are read
        from ``request.registry`` at request time.
    :return: the ``vcs_detection_tween`` callable.
    """

    def vcs_detection_tween(request):
        """
        Detect the VCS type of the request and record it for later layers.

        ``request.environ[VCS_TYPE_KEY]`` is assigned on every request, so a
        value already stored under that key is always overwritten. It holds
        the detected handler's ``SCM``, or ``VCS_TYPE_SKIP`` when nothing was
        detected or ``vcs.server.enable`` is falsy. ``request.vcs_call`` is
        set only when a VCS handler was detected.
        """
        settings = request.registry.settings

        # Detection only runs when the VCS server is enabled in the settings.
        detected = None
        if settings.get('vcs.server.enable'):
            detected = detect_vcs_request(
                request.environ, settings.get('vcs.backends'))

        if detected:
            # save detected VCS type for later re-use
            scm_type = detected.SCM
            request.environ[VCS_TYPE_KEY] = scm_type
            request.vcs_call = scm_type
        else:
            # no VCS detected: mark it so detection can be skipped later on
            request.environ[VCS_TYPE_KEY] = VCS_TYPE_SKIP

        log.debug('Processing request with `%s` handler', handler)
        return handler(request)

    return vcs_detection_tween
def junk_encoding_detector(request):
    """
    Reject requests whose query string contains undecodable bytes.

    :param request: incoming request; only ``request.GET`` is touched.
    :raises HTTPBadRequest: when reading the GET parameters raises
        ``UnicodeDecodeError``.
    """
    try:
        # The looked-up key is irrelevant; presumably the access alone makes
        # the framework decode the query string. Both the attribute access
        # and the lookup stay inside the ``try``.
        query_params = request.GET
        query_params.get("", None)
    except UnicodeDecodeError:
        raise HTTPBadRequest("Invalid bytes in query string.")
def bad_url_data_detector(request):
    """
    Reject requests whose URL path contains undecodable bytes.

    :param request: incoming request; only ``request.path_info`` is read.
    :raises HTTPBadRequest: when reading ``path_info`` raises
        ``UnicodeDecodeError``.
    """
    try:
        # The value is discarded; only a decoding failure matters here.
        getattr(request, "path_info")
    except UnicodeDecodeError:
        raise HTTPBadRequest("Invalid bytes in URL.")
def junk_form_data_detector(request):
    """
    Reject POST requests whose form data cannot be parsed.

    Requests with any other method are not inspected.

    :param request: incoming request; ``request.method`` is checked and, for
        POST only, ``request.POST`` is touched.
    :raises HTTPBadRequest: when reading the POST parameters raises
        ``ValueError`` (which includes ``UnicodeDecodeError``).
    """
    if request.method != "POST":
        return

    try:
        # The looked-up key is irrelevant; the access is only there to
        # surface a parsing failure.
        form_params = request.POST
        form_params.get("", None)
    except ValueError:
        raise HTTPBadRequest("Invalid bytes in form data.")
def sanity_check_factory(handler, registry):
    """
    Build the tween that rejects requests carrying undecodable data.

    :param handler: next handler in the tween chain; reached only when all
        detectors pass.
    :param registry: application registry; unused here.
    :return: the ``sanity_check`` callable.
    """

    def sanity_check(request):
        """
        Run the query-string, path and form-data detectors in that order.

        The first ``HTTPException`` raised by a detector is returned as the
        response and ``handler`` is not called for that request.
        """
        log.debug('Checking current URL sanity for bad data')

        detectors = (
            junk_encoding_detector,
            bad_url_data_detector,
            junk_form_data_detector,
        )
        try:
            for detect in detectors:
                detect(request)
        except HTTPException as rejection:
            # The exception object is handed back in place of a response.
            return rejection

        return handler(request)

    return sanity_check
def includeme(config):
    """
    Register the event subscribers and tweens on ``config``.

    The registration order of the tweens is significant. Under Pyramid's
    implicit tween ordering a tween added later sits closer to the request
    ingress, so (assuming no explicit tween ordering overrides it) the
    request wrapper wraps the whole request and the sanity check runs before
    VCS detection.

    :param config: Pyramid configurator being set up.
    """
    subscribers = (
        ('rhodecode.subscribers.add_renderer_globals',
         'pyramid.events.BeforeRender'),
        ('rhodecode.subscribers.set_user_lang',
         'pyramid.events.NewRequest'),
        ('rhodecode.subscribers.add_localizer',
         'pyramid.events.NewRequest'),
        ('rhodecode.subscribers.reset_log_bucket',
         'pyramid.events.NewRequest'),
        ('rhodecode.subscribers.add_request_user_context',
         'pyramid.events.ContextFound'),
    )
    for subscriber, event in subscribers:
        config.add_subscriber(subscriber, event)

    tweens = (
        'rhodecode.tweens.vcs_detection_tween_factory',
        'rhodecode.tweens.sanity_check_factory',
        # This needs to be the LAST item
        'rhodecode.lib.middleware.request_wrapper.RequestWrapperTween',
    )
    for tween in tweens:
        config.add_tween(tween)

    log.debug('configured all tweens')