MCPcopy
hub / github.com/HelloZeroNet/ZeroNet / UiRequest

Class UiRequest

src/Ui/UiRequest.py:35–875  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

33
34@PluginManager.acceptPlugins
35class UiRequest(object):
36
37 def __init__(self, server, get, env, start_response):
38 if server:
39 self.server = server
40 self.log = server.log
41 self.get = get # Get parameters
42 self.env = env # Enviroment settings
43 # ['CONTENT_LENGTH', 'CONTENT_TYPE', 'GATEWAY_INTERFACE', 'HTTP_ACCEPT', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_LANGUAGE',
44 # 'HTTP_COOKIE', 'HTTP_CACHE_CONTROL', 'HTTP_HOST', 'HTTP_HTTPS', 'HTTP_ORIGIN', 'HTTP_PROXY_CONNECTION', 'HTTP_REFERER',
45 # 'HTTP_USER_AGENT', 'PATH_INFO', 'QUERY_STRING', 'REMOTE_ADDR', 'REMOTE_PORT', 'REQUEST_METHOD', 'SCRIPT_NAME',
46 # 'SERVER_NAME', 'SERVER_PORT', 'SERVER_PROTOCOL', 'SERVER_SOFTWARE', 'werkzeug.request', 'wsgi.errors',
47 # 'wsgi.input', 'wsgi.multiprocess', 'wsgi.multithread', 'wsgi.run_once', 'wsgi.url_scheme', 'wsgi.version']
48
49 self.start_response = start_response # Start response function
50 self.user = None
51 self.script_nonce = None # Nonce for script tags in wrapper html
52
53 def learnHost(self, host):
54 self.server.allowed_hosts.add(host)
55 self.server.log.info("Added %s as allowed host" % host)
56
57 def isHostAllowed(self, host):
58 if host in self.server.allowed_hosts:
59 return True
60
61 # Allow any IP address as they are not affected by DNS rebinding
62 # attacks
63 if helper.isIp(host):
64 self.learnHost(host)
65 return True
66
67 if ":" in host and helper.isIp(host.rsplit(":", 1)[0]): # Test without port
68 self.learnHost(host)
69 return True
70
71 if self.isProxyRequest(): # Support for chrome extension proxy
72 if self.server.site_manager.isDomain(host):
73 return True
74 else:
75 return False
76
77 return False
78
79 # Call the request handler function base on path
80 def route(self, path):
81 # Restict Ui access by ip
82 if config.ui_restrict and self.env['REMOTE_ADDR'] not in config.ui_restrict:
83 return self.error403(details=False)
84
85 # Check if host allowed to do request
86 if not self.isHostAllowed(self.env.get("HTTP_HOST")):
87 ret_error = next(self.error403("Invalid host: %s" % self.env.get("HTTP_HOST"), details=False))
88
89 http_get = self.env["PATH_INFO"]
90 if self.env["QUERY_STRING"]:
91 http_get += "?{0}".format(self.env["QUERY_STRING"])
92 self_host = self.env["HTTP_HOST"].split(":")[0]

Callers 1

handleRequestMethod · 0.90

Calls

no outgoing calls

Tested by

no test coverage detected