diff options
| author | Florian Weimer <fw@deneb.enyo.de> | 2014-03-17 10:57:24 +0000 |
|---|---|---|
| committer | Florian Weimer <fw@deneb.enyo.de> | 2014-03-17 10:57:24 +0000 |
| commit | 6f60e9248ff6237ef866c0929e0fe89b984648ae (patch) | |
| tree | 67a53b83f5d4beace8eb9192b8c1216a252d85b6 /lib/python/web_support.py | |
| parent | 87fa04376e0d7debc6069553871a3d9054e25555 (diff) | |
web_support: Pass down https:// URLs to sever redirects
This is required because security-tracker.debian.org sets STS and
redirects to HTTPS, and recent Firefox versions do not handle http://
redirects in this context.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@26143 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'lib/python/web_support.py')
| -rw-r--r-- | lib/python/web_support.py | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/lib/python/web_support.py b/lib/python/web_support.py index 866addef56..72a4932660 100644 --- a/lib/python/web_support.py +++ b/lib/python/web_support.py @@ -148,7 +148,7 @@ class URLFactory: generate URLs which reference to itself (see scriptRelative).""" def __init__(self, server_name, script_name, path_info='', - params={}): + params={}, secure=False): self.server_name = server_name or 'localhost' script_name = self._stripSlashes(script_name or '') if script_name[-1:] == '/' or script_name == '': @@ -157,6 +157,7 @@ class URLFactory: self.script_name = script_name + '/' self.path_info = self._stripSlashes(path_info) self.params = params + self.secure = secure def _convertArgs(self, args): arglist = [] @@ -198,10 +199,14 @@ class URLFactory: def scriptRelativeFull(self, path, **args): """Like scriptRelative, but returns an absolute URL, including the http:// prefix.""" - - return URL("http://%s/%s%s%s" % (self.server_name, self.script_name, - self._stripSlashes(path), - self._convertArgs(args))) + if self.secure: + schema = "https" + else: + schema = "http" + return URL("%s://%s/%s%s%s" % (schema, + self.server_name, self.script_name, + self._stripSlashes(path), + self._convertArgs(args))) def updateParamsDict(self, args): new_args = {} @@ -745,7 +750,7 @@ class ThreadingHTTPServer(BaseHTTPServer.HTTPServer, SocketServer.ThreadingMixIn): pass -RE_BASE_URL = re.compile(r'^http://([^/]+)(.*)') +RE_BASE_URL = re.compile(r'^(https?)://([^/]+)(.*)') class WebServiceHTTP(WebServiceBase): def __init__(self, socket_name): @@ -764,7 +769,8 @@ class WebServiceHTTP(WebServiceBase): url = URLFactory(service_self.server_name, service_self.script_name, - path, params) + path, params, + secure=service_self.secure) service_self.lock.acquire() try: @@ -811,8 +817,9 @@ class WebServiceHTTP(WebServiceBase): m = RE_BASE_URL.match(url) if m is None: raise ValueError("invalid base URL: " + url) - self.server_name = m.group(1) - self.script_name = m.group(2) + self.secure = m.group(1) == "https" + self.server_name = m.group(2) + self.script_name = m.group(3) def __test(): @@ -829,6 +836,14 @@ def __test(): assert str(u.scriptRelativeFull("/a/b", t='123')) \ == "http://localhost/a/b?t=123" + u = URLFactory(server_name=None, script_name=None, secure=True) + assert str(u.absolute("http://www.enyo.de/")) == "http://www.enyo.de/" + assert str(u.absolute("http://www.enyo.de/", t='123')) \ + == "http://www.enyo.de/?t=123" + assert str(u.scriptRelative("/a/b", t='123')) == "/a/b?t=123" + assert str(u.scriptRelativeFull("/a/b", t='123')) \ + == "https://localhost/a/b?t=123" + u = URLFactory(server_name='localhost.localdomain', script_name='/cgi-bin/test.cgi') assert str(u.scriptRelative("a/b", t='123')) \ |